Thread (89 messages) 89 messages, 18 authors, 2017-05-13

Re: [kernel-hardening] Re: [PATCH v9 1/4] syscalls: Verify address limit before returning to user-mode

From: Al Viro <hidden>
Date: 2017-05-10 02:13:22
Also in: linux-arm-kernel, linux-s390, lkml 

On Tue, May 09, 2017 at 09:03:22AM -0700, Christoph Hellwig wrote:
On Tue, May 09, 2017 at 06:02:50AM -0700, Christoph Hellwig wrote:
quoted
On Tue, May 09, 2017 at 06:00:01AM -0700, Andy Lutomirski wrote:
quoted
fs/splice.c has some, ahem, interesting uses that have been the source
of nasty exploits in the past.  Converting them to use iov_iter
properly would be really, really nice.  Christoph, I don't suppose
you'd like to do that?
I can take care of all the fs code including this one.
Oh?

I spent the afternoon hacking up where I'd like this to head.  It's
completely untested as of now:

	http://git.infradead.org/users/hch/vfs.git/shortlog/refs/heads/setfs-elimination
And just what happens to driver that has no ->read_iter()?  Unless I'm
seriously misreading that, NAK with extreme prejudice.
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help