--
Dear friend, did you receive my last message? Write me back to my email,
let me know.
On Sun, Jul 07, 2019 at 05:49:35PM +0200, Salvatore Mesoraca wrote:
> Al Viro wrote:
> >
> > On Sat, Jul 06, 2019 at 12:54:47PM +0200, Salvatore Mesoraca wrote:
> >
> > > +#define sara_warn_or_return(err, msg) do { \
> > > + if ((sara_wxp_flags & SARA_WXP_VERBOSE))\
> > > +
From: Salvatore Mesoraca
> Sent: 06 July 2019 11:55
...
> Executable MMAP prevention works by preventing any new executable
> allocation after the dynamic libraries have been loaded. It works under the
> assumption that, when the dynamic libraries have finished loading, the
> RELRO section wil
Al Viro wrote:
>
> On Sat, Jul 06, 2019 at 12:54:47PM +0200, Salvatore Mesoraca wrote:
>
> > +#define sara_warn_or_return(err, msg) do { \
> > + if ((sara_wxp_flags & SARA_WXP_VERBOSE))\
> > + pr_wxp(msg);\
> > + if (!(sara_wxp_flag
On Sat, Jul 06, 2019 at 12:54:47PM +0200, Salvatore Mesoraca wrote:
> +#define sara_warn_or_return(err, msg) do { \
> + if ((sara_wxp_flags & SARA_WXP_VERBOSE))\
> + pr_wxp(msg);\
> + if (!(sara_wxp_flags & SARA_WXP_COMPLAIN))
If unsure, answer Y.
>
> +config SECURITY_SARA_WXPROT
> + bool "WX Protection: W^X and W!->X protections"
> + depends on SECURITY_SARA
> + default y
> + help
> + WX Protection aims to improve user-space programs security by
> applying:
>
Introduction of S.A.R.A. WX Protection.
It aims to improve user-space programs' security by applying:
- W^X enforcement
- W!->X (once writable never executable) mprotect restriction
- Executable MMAP prevention
All of the above features can be enabled or disabled both system wide
or on a
This allows threads to get the current WX Protection flags for themselves or
for other threads (if they have CAP_MAC_ADMIN).
It also allows a thread to set its own flags to a stricter set of rules than
the current one.
Via a new wxprot flag (SARA_WXP_FORCE_WXORX) it is possible to ask the
kernel to
4.14-stable review patch. If anyone has any objections, please let me know.
--
From: Thomas Gleixner
commit b4bf4f924b1d7bade38fd51b2e401d20d0956e4d upstream.
ptdump_walk_pgd_level_checkwx() checks the kernel page table for WX pages,
but does not check the
From: Thomas Gleixner
ptdump_walk_pgd_level_checkwx() checks the kernel page table for WX pages,
but does not check the PAGE_TABLE_ISOLATION user space page table.
Restructure the code so that dmesg output is selected by an explicit
argument and not implicit via checking the pgd argument for
Hi,
Page table dumping code for arm64 and x86 is reusable,
and they have a function for WX page checking.
But arm doesn't have that.
This patch series is to make ptdump reusable,
and add WX page checking for arm.
This is heavily based on the arm64 version.
v2 :
Fix the sender name of the mail header,
On Wed, Dec 6, 2017 at 2:23 AM, Jinbum Park wrote:
> Hi,
>
> Page table dumping code for arm64 and x86 is reusable,
> and they have a function for WX page checking.
> But arm doesn't have that.
>
> This patch series is to make ptdump reusable,
> and add WX page checki
On 12/06/2017 02:23 AM, Jinbum Park wrote:
Hi,
Page table dumping code for arm64 and x86 is reusable,
and they have a function for WX page checking.
But arm doesn't have that.
This patch series is to make ptdump reusable,
and add WX page checking for arm.
This is heavily based on the arm64 version
On 12/04/2017 06:24 AM, Jinbum Park wrote:
Hi,
Page table dumping code for arm64 and x86 is reusable,
and they have a function for WX page checking.
But arm doesn't have that.
This patch series is to make ptdump reusable,
and add WX page checking for arm.
This is heavily based on the arm64 version
On Mon, Dec 4, 2017 at 6:24 AM, Jinbum Park wrote:
> Hi,
>
> Page table dumping code for arm64 and x86 is reusable,
> and they have a function for WX page checking.
> But arm doesn't have that.
>
> This patch series is to make ptdump reusable,
> and add WX page checki
From: Thomas Gleixner
ptdump_walk_pgd_level_checkwx() checks the kernel page table for WX pages,
but does not check the KERNEL_PAGE_TABLE_ISOLATION user space page table.
Restructure the code so that dmesg output is selected by an explicit
argument and not implicit via checking the pgd argument
Hi,
Page table dumping code for arm64 and x86 is reusable,
and they have a function for WX page checking.
But arm doesn't have that.
This patch series is to make ptdump reusable,
and add WX page checking for arm.
This is heavily based on the arm64 version.
Jinbum Park (3):
arm: mm: dump: make
On 11/26/2017 03:14 PM, Thomas Gleixner wrote:
> +void ptdump_walk_shadow_pgd_level_checkwx(void)
> +{
> +#ifdef CONFIG_KAISER
> + pgd_t *pgd = (pgd_t *) &init_top_pgt;
> +
> + pr_info("x86/mm: Checking shadow page tables\n");
> + pgd += PTRS_PER_PGD;
> + ptdump_walk_pgd_level_core(
From: Thomas Gleixner
ptdump_walk_pgd_level_checkwx() checks the kernel page table for WX pages,
but does not check the Kaiser shadow page table.
Restructure the code so that dmesg output is selected by an explicit
argument and not implicit via checking the pgd argument for !NULL.
Add the check
ptdump_walk_pgd_level_checkwx() checks the kernel page table for WX pages,
but does not check the KAISER shadow page table.
Restructure the code so that dmesg output is selected by an explicit
argument and not implicit via checking the pgd argument for !NULL.
Add the check for the shadow page
2017-06-28 1:04 GMT+02:00 Kees Cook :
> On Thu, Jun 15, 2017 at 9:42 AM, Salvatore Mesoraca
> wrote:
>> +static int sara_check_vmflags(vm_flags_t vm_flags)
>> +{
>> + u16 sara_wxp_flags = get_current_sara_wxp_flags();
>> +
>> + if (sara_enabled && wxprot_enabled) {
>> + i
On Thu, Jun 15, 2017 at 9:42 AM, Salvatore Mesoraca
wrote:
> +static int sara_check_vmflags(vm_flags_t vm_flags)
> +{
> + u16 sara_wxp_flags = get_current_sara_wxp_flags();
> +
> + if (sara_enabled && wxprot_enabled) {
> + if (sara_wxp_flags & SARA_WXP_WXORX &&
> +
This allows processes to get the current WX Protection flags for themselves or
for other processes of the same user.
It also allows a process to set its own flags to a stricter set of rules than
the current one.
Via a new wxprot flag (SARA_WXP_FORCE_WXORX) it is possible to ask the
kernel to rescan the
Introduction of S.A.R.A. WX Protection.
It aims to improve user-space programs' security by applying:
- W^X enforcement
- W!->X (once writable never executable) mprotect restriction
- Executable MMAP prevention
All of the above features can be enabled or disabled both system wide
or on a
On 7 November 2016 at 19:49, Mark Rutland wrote:
> On Mon, Nov 07, 2016 at 03:38:02PM +, Mark Rutland wrote:
>> On Sun, Oct 30, 2016 at 03:03:07PM +, Catalin Marinas wrote:
>> > On Thu, Oct 27, 2016 at 09:27:30AM -0700, Laura Abbott wrote:
>> > > Laura Abbott (4):
>> > > arm64: dump: Mak
On Mon, Nov 07, 2016 at 03:38:02PM +, Mark Rutland wrote:
> On Sun, Oct 30, 2016 at 03:03:07PM +, Catalin Marinas wrote:
> > On Thu, Oct 27, 2016 at 09:27:30AM -0700, Laura Abbott wrote:
> > > Laura Abbott (4):
> > > arm64: dump: Make ptdump debugfs a separate option
> > > arm64: dump:
On Mon, Nov 07, 2016 at 08:26:34AM -0800, Laura Abbott wrote:
> On 11/07/2016 07:38 AM, Mark Rutland wrote:
> >From 06fef1ad1138d0808eec770e64458a350941bd2d Mon Sep 17 00:00:00 2001
> >From: Mark Rutland
> >Date: Mon, 7 Nov 2016 15:24:40 +
> >Subject: [PATCH] Fix KASAN splats with DEBUG_WX
[..
ray for ptdump_check_wx only contains one element. Thus we
dereference some garbage on the stack when looking at
marker[1].start_address.
Given we don't need the markers for the WX checks, we could modify
note_page to allow for a NULL marker array, but for now it's simpler to
add an
), but the
marker array for ptdump_check_wx only contains one element. Thus we
dereference some garbage on the stack when looking at
marker[1].start_address.
Given we don't need the markers for the WX checks, we could modify
note_page to allow for a NULL marker array, but for now it's s
On Thu, Oct 27, 2016 at 09:27:30AM -0700, Laura Abbott wrote:
> Laura Abbott (4):
> arm64: dump: Make ptdump debugfs a separate option
> arm64: dump: Make the page table dumping seq_file optional
> arm64: dump: Remove max_addr
> arm64: dump: Add checking for writable and executable pages
Q
Hi,
This is v4 of the implementation to check for writable and executable pages on
arm64. This version contains a review from Ard and makes the UXN page count
a separate variable. Overall, minor changes.
Thanks,
Laura
Laura Abbott (4):
arm64: dump: Make ptdump debugfs a separate option
arm64
Hi,
This is v3 of the implementation to check for writable and executable pages on
arm64. This is basically a rebase + acks.
Laura Abbott (4):
arm64: dump: Make ptdump debugfs a separate option
arm64: dump: Make the page table dumping seq_file optional
arm64: dump: Remove max_addr
arm64
Hi,
This is v2 of the implementation to check for writable and executable pages on
arm64.
Major changes since v1:
- I realized my concerns about initialization and registration were unfounded
so registration to register page tables with debugfs is simplified.
- New patch to remove max_addr sinc
On Thu, Sep 29, 2016 at 2:32 PM, Laura Abbott wrote:
>
> Hi,
>
> This is an implementation to check for writable and executable pages on arm64.
> This is heavily based on the x86 version which uses the existing page table
> dumping code to do the checking. Some notes:
>
> - The W^X checking is imp
Hi,
This is an implementation to check for writable and executable pages on arm64.
This is heavily based on the x86 version which uses the existing page table
dumping code to do the checking. Some notes:
- The W^X checking is important so this option should become default eventually.
To make th
48 matches