Re: [PATCH v10 1/3] x86/syscalls: Check address limit on user-mode return

2017-07-06 Thread Thomas Garnier
On Thu, Jul 6, 2017 at 1:48 PM, Thomas Gleixner wrote: > On Thu, 6 Jul 2017, Thomas Garnier wrote: >> On Wed, Jun 28, 2017 at 10:52 AM, Kees Cook wrote: >> > >> > On Tue, Jun 20, 2017 at 1:24 PM, Kees Cook wrote: >> > > On Wed,

Re: [PATCH v10 1/3] x86/syscalls: Check address limit on user-mode return

2017-07-06 Thread Thomas Garnier
On Thu, Jul 6, 2017 at 1:48 PM, Thomas Gleixner wrote: > On Thu, 6 Jul 2017, Thomas Garnier wrote: >> On Wed, Jun 28, 2017 at 10:52 AM, Kees Cook wrote: >> > >> > On Tue, Jun 20, 2017 at 1:24 PM, Kees Cook wrote: >> > > On Wed, Jun 14, 2017 at 6:12 PM, Thomas Garnier >> > > wrote: >> > >>

Re: [PATCH v10 1/3] x86/syscalls: Check address limit on user-mode return

2017-07-06 Thread Thomas Gleixner
On Thu, 6 Jul 2017, Thomas Garnier wrote: > On Wed, Jun 28, 2017 at 10:52 AM, Kees Cook wrote: > > > > On Tue, Jun 20, 2017 at 1:24 PM, Kees Cook wrote: > > > On Wed, Jun 14, 2017 at 6:12 PM, Thomas Garnier > > > wrote: > > >>

Re: [PATCH v10 1/3] x86/syscalls: Check address limit on user-mode return

2017-07-06 Thread Thomas Gleixner
On Thu, 6 Jul 2017, Thomas Garnier wrote: > On Wed, Jun 28, 2017 at 10:52 AM, Kees Cook wrote: > > > > On Tue, Jun 20, 2017 at 1:24 PM, Kees Cook wrote: > > > On Wed, Jun 14, 2017 at 6:12 PM, Thomas Garnier > > > wrote: > > >> Ensure the address limit is a user-mode segment before returning to

Re: [PATCH v10 1/3] x86/syscalls: Check address limit on user-mode return

2017-07-06 Thread Thomas Garnier
On Wed, Jun 28, 2017 at 10:52 AM, Kees Cook wrote: > > On Tue, Jun 20, 2017 at 1:24 PM, Kees Cook wrote: > > On Wed, Jun 14, 2017 at 6:12 PM, Thomas Garnier wrote: > >> Ensure the address limit is a user-mode segment before

Re: [PATCH v10 1/3] x86/syscalls: Check address limit on user-mode return

2017-07-06 Thread Thomas Garnier
On Wed, Jun 28, 2017 at 10:52 AM, Kees Cook wrote: > > On Tue, Jun 20, 2017 at 1:24 PM, Kees Cook wrote: > > On Wed, Jun 14, 2017 at 6:12 PM, Thomas Garnier wrote: > >> Ensure the address limit is a user-mode segment before returning to > >> user-mode. Otherwise a process can corrupt

Re: [PATCH v10 1/3] x86/syscalls: Check address limit on user-mode return

2017-06-28 Thread Kees Cook
On Tue, Jun 20, 2017 at 1:24 PM, Kees Cook wrote: > On Wed, Jun 14, 2017 at 6:12 PM, Thomas Garnier wrote: >> Ensure the address limit is a user-mode segment before returning to >> user-mode. Otherwise a process can corrupt kernel-mode memory and

Re: [PATCH v10 1/3] x86/syscalls: Check address limit on user-mode return

2017-06-28 Thread Kees Cook
On Tue, Jun 20, 2017 at 1:24 PM, Kees Cook wrote: > On Wed, Jun 14, 2017 at 6:12 PM, Thomas Garnier wrote: >> Ensure the address limit is a user-mode segment before returning to >> user-mode. Otherwise a process can corrupt kernel-mode memory and elevate >> privileges [1]. >> >> The set_fs

Re: [PATCH v10 1/3] x86/syscalls: Check address limit on user-mode return

2017-06-20 Thread Kees Cook
On Wed, Jun 14, 2017 at 6:12 PM, Thomas Garnier wrote: > Ensure the address limit is a user-mode segment before returning to > user-mode. Otherwise a process can corrupt kernel-mode memory and elevate > privileges [1]. > > The set_fs function sets the TIF_SETFS flag to force

Re: [PATCH v10 1/3] x86/syscalls: Check address limit on user-mode return

2017-06-20 Thread Kees Cook
On Wed, Jun 14, 2017 at 6:12 PM, Thomas Garnier wrote: > Ensure the address limit is a user-mode segment before returning to > user-mode. Otherwise a process can corrupt kernel-mode memory and elevate > privileges [1]. > > The set_fs function sets the TIF_SETFS flag to force a slow path on >

[PATCH v10 1/3] x86/syscalls: Check address limit on user-mode return

2017-06-14 Thread Thomas Garnier
Ensure the address limit is a user-mode segment before returning to user-mode. Otherwise a process can corrupt kernel-mode memory and elevate privileges [1]. The set_fs function sets the TIF_SETFS flag to force a slow path on return. In the slow path, the address limit is checked to be USER_DS if
