RE: [PATCH v3 00/11] mm: Hardened usercopy

2016-07-20 Thread David Laight
From: Kees Cook > Sent: 15 July 2016 22:44 > This is a start of the mainline port of PAX_USERCOPY[1]. ... > - if address range is in the current process stack, it must be within the > current stack frame (if such checking is possible) or at least entirely > within the current process's stack.

Re: [PATCH v3 00/11] mm: Hardened usercopy

2016-07-20 Thread Kees Cook
On Wed, Jul 20, 2016 at 2:52 AM, David Laight wrote: > From: Kees Cook >> Sent: 15 July 2016 22:44 >> This is a start of the mainline port of PAX_USERCOPY[1]. > ... >> - if address range is in the current process stack, it must be within the >> current stack frame (if such checking is possible)

RE: [PATCH v3 00/11] mm: Hardened usercopy

2016-07-20 Thread David Laight
From: Kees Cook > Sent: 20 July 2016 16:32 ... > Yup: that's exactly what it's doing: walking up the stack. :) Remind me to make sure all our customers run kernels with it disabled. David

Re: [PATCH v3 00/11] mm: Hardened usercopy

2016-07-20 Thread Rik van Riel
On Wed, 2016-07-20 at 16:02 +, David Laight wrote: > From: Kees Cook > > Sent: 20 July 2016 16:32 > ... > > Yup: that's exactly what it's doing: walking up the stack. :) > > Remind me to make sure all our customers run kernels with it > disabled. You want a single copy_from_user to write to d

Re: [PATCH v3 00/11] mm: Hardened usercopy

2016-07-20 Thread Kees Cook
On Wed, Jul 20, 2016 at 9:02 AM, David Laight wrote: > From: Kees Cook >> Sent: 20 July 2016 16:32 > ... >> Yup: that's exactly what it's doing: walking up the stack. :) > > Remind me to make sure all our customers run kernels with it disabled. What's your concern with stack walking? -Kees --

Re: [PATCH v3 00/11] mm: Hardened usercopy

2016-07-18 Thread Balbir Singh
On Fri, 2016-07-15 at 14:44 -0700, Kees Cook wrote: > Hi, >  > [I'm going to carry this series in my kspp -next tree now, though I'd > really love to have some explicit Acked-bys or Reviewed-bys. If you've > looked through it or tested it, please consider it. :) (I added Valdis > and mpe's Tested-b