Re: [PATCH v3 02/31] usercopy: Enforce slab cache usercopy region boundaries

On Wed, 20 Sep 2017, Kees Cook wrote: > diff --git a/mm/slab.c b/mm/slab.c > index 87b6e5e0cdaf..df268999cf02 100644 > --- a/mm/slab.c > +++ b/mm/slab.c > @@ -4408,7 +4408,9 @@ module_init(slab_proc_init); > > #ifdef CONFIG_HARDENED_USERCOPY > /* > - * Rejects objects that are incorrectly

Re: [PATCH v3 02/31] usercopy: Enforce slab cache usercopy region boundaries

On Wed, 20 Sep 2017, Kees Cook wrote: > diff --git a/mm/slab.c b/mm/slab.c > index 87b6e5e0cdaf..df268999cf02 100644 > --- a/mm/slab.c > +++ b/mm/slab.c > @@ -4408,7 +4408,9 @@ module_init(slab_proc_init); > > #ifdef CONFIG_HARDENED_USERCOPY > /* > - * Rejects objects that are incorrectly

[PATCH v3 02/31] usercopy: Enforce slab cache usercopy region boundaries

From: David Windsor This patch adds the enforcement component of usercopy cache whitelisting, and is modified from Brad Spengler/PaX Team's PAX_USERCOPY whitelisting code in the last public patch of grsecurity/PaX based on my understanding of the code. Changes or omissions

[PATCH v3 02/31] usercopy: Enforce slab cache usercopy region boundaries

From: David Windsor This patch adds the enforcement component of usercopy cache whitelisting, and is modified from Brad Spengler/PaX Team's PAX_USERCOPY whitelisting code in the last public patch of grsecurity/PaX based on my understanding of the code. Changes or omissions from the original code