Re: [PATCH 0/5] Guarded Userspace Access Prevention on Radix

2018-11-08 Thread Benjamin Herrenschmidt
On Thu, 2018-11-08 at 18:52 +0100, Christophe LEROY wrote: > > In signal_32.c and signal_64.c, save_user_regs() calls __put_user() to > modify code, then calls flush_icache_range() on user addresses. > > Shouldn't flush_icache_range() be performed with userspace access > protection unlocked ?

Re: [PATCH 0/5] Guarded Userspace Access Prevention on Radix

2018-11-08 Thread Christophe LEROY
Le 01/11/2018 à 04:54, Russell Currey a écrit : On Wed, 2018-10-31 at 17:58 +0100, LEROY Christophe wrote: Russell Currey a écrit : On Fri, 2018-10-26 at 18:29 +0200, LEROY Christophe wrote: Russell Currey a écrit : Guarded Userspace Access Prevention is a security mechanism that preve

Re: [PATCH 0/5] Guarded Userspace Access Prevention on Radix

2018-10-31 Thread Russell Currey
On Wed, 2018-10-31 at 17:58 +0100, LEROY Christophe wrote: > Russell Currey a écrit : > > > On Fri, 2018-10-26 at 18:29 +0200, LEROY Christophe wrote: > > > Russell Currey a écrit : > > > > > > > Guarded Userspace Access Prevention is a security mechanism > > > > that > > > > prevents > > > > t

Re: [PATCH 0/5] Guarded Userspace Access Prevention on Radix

2018-10-31 Thread LEROY Christophe
Russell Currey a écrit : On Fri, 2018-10-26 at 18:29 +0200, LEROY Christophe wrote: Russell Currey a écrit : > Guarded Userspace Access Prevention is a security mechanism that > prevents > the kernel from being able to read and write userspace addresses > outside of > the allowed paths, most

Re: [PATCH 0/5] Guarded Userspace Access Prevention on Radix

2018-10-30 Thread Russell Currey
On Fri, 2018-10-26 at 18:29 +0200, LEROY Christophe wrote: > Russell Currey a écrit : > > > Guarded Userspace Access Prevention is a security mechanism that > > prevents > > the kernel from being able to read and write userspace addresses > > outside of > > the allowed paths, most commonly copy_{

Re: [PATCH 0/5] Guarded Userspace Access Prevention on Radix

2018-10-26 Thread LEROY Christophe
Russell Currey a écrit : Guarded Userspace Access Prevention is a security mechanism that prevents the kernel from being able to read and write userspace addresses outside of the allowed paths, most commonly copy_{to/from}_user(). At present, the only CPU that supports this is POWER9, and only

[PATCH 0/5] Guarded Userspace Access Prevention on Radix

2018-10-25 Thread Russell Currey
Guarded Userspace Access Prevention is a security mechanism that prevents the kernel from being able to read and write userspace addresses outside of the allowed paths, most commonly copy_{to/from}_user(). At present, the only CPU that supports this is POWER9, and only while using the Radix MMU.