[kernel-hardening] Re: [PATCH v3 0/7] arm64: Privileged Access Never using... | linux-arm-kernel

[PATCH v3 0/7] arm64: Privileged Access Never using TTBR0_EL1 switching · catalin.marinas@arm.com (Catalin Marinas) · 2016-09-13
[PATCH v3 1/7] arm64: Factor out PAN enabling/disabling into separate uaccess_* macros · catalin.marinas@arm.com (Catalin Marinas) · 2016-09-13
[PATCH v3 1/7] arm64: Factor out PAN enabling/disabling into separate uaccess_* macros · mark.rutland@arm.com (Mark Rutland) · 2016-09-15
[PATCH v3 2/7] arm64: Factor out TTBR0_EL1 post-update workaround into a specific asm macro · catalin.marinas@arm.com (Catalin Marinas) · 2016-09-13
[PATCH v3 2/7] arm64: Factor out TTBR0_EL1 post-update workaround into a specific asm macro · mark.rutland@arm.com (Mark Rutland) · 2016-09-15
[PATCH v3 3/7] arm64: Introduce uaccess_{disable, enable} functionality based on TTBR0_EL1 · catalin.marinas@arm.com (Catalin Marinas) · 2016-09-13
[PATCH v3 3/7] arm64: Introduce uaccess_{disable,enable} functionality based on TTBR0_EL1 · Kees Cook <hidden> · 2016-09-13
[PATCH v3 3/7] arm64: Introduce uaccess_{disable,enable} functionality based on TTBR0_EL1 · mark.rutland@arm.com (Mark Rutland) · 2016-09-14
[kernel-hardening] Re: [PATCH v3 3/7] arm64: Introduce uaccess_{disable,enable} functionality based on TTBR0_EL1 · Kees Cook <hidden> · 2016-09-14
[PATCH v3 4/7] arm64: Disable TTBR0_EL1 during normal kernel execution · catalin.marinas@arm.com (Catalin Marinas) · 2016-09-13
[PATCH v3 4/7] arm64: Disable TTBR0_EL1 during normal kernel execution · Will Deacon <hidden> · 2016-09-14
[PATCH v3 5/7] arm64: Handle faults caused by inadvertent user access with PAN enabled · catalin.marinas@arm.com (Catalin Marinas) · 2016-09-13
[PATCH v3 5/7] arm64: Handle faults caused by inadvertent user access with PAN enabled · mark.rutland@arm.com (Mark Rutland) · 2016-09-16
[PATCH v3 5/7] arm64: Handle faults caused by inadvertent user access with PAN enabled · catalin.marinas@arm.com (Catalin Marinas) · 2016-09-16
[PATCH v3 6/7] arm64: xen: Enable user access before a privcmd hvc call · catalin.marinas@arm.com (Catalin Marinas) · 2016-09-13
[PATCH v3 7/7] arm64: Enable CONFIG_ARM64_SW_TTBR0_PAN · catalin.marinas@arm.com (Catalin Marinas) · 2016-09-13
[PATCH v3 0/7] arm64: Privileged Access Never using TTBR0_EL1 switching · Ard Biesheuvel <hidden> · 2016-09-14
[PATCH v3 0/7] arm64: Privileged Access Never using TTBR0_EL1 switching · mark.rutland@arm.com (Mark Rutland) · 2016-09-14
[PATCH v3 0/7] arm64: Privileged Access Never using TTBR0_EL1 switching · Ard Biesheuvel <hidden> · 2016-09-14
[PATCH v3 0/7] arm64: Privileged Access Never using TTBR0_EL1 switching · mark.rutland@arm.com (Mark Rutland) · 2016-09-14
[PATCH v3 0/7] arm64: Privileged Access Never using TTBR0_EL1 switching · mark.rutland@arm.com (Mark Rutland) · 2016-09-14
[kernel-hardening] [PATCH v3 0/7] arm64: Privileged Access Never using TTBR0_EL1 switching · David Brown <hidden> · 2016-09-14
[kernel-hardening] [PATCH v3 0/7] arm64: Privileged Access Never using TTBR0_EL1 switching · catalin.marinas@arm.com (Catalin Marinas) · 2016-09-15
[PATCH v3 0/7] arm64: Privileged Access Never using TTBR0_EL1 switching · mark.rutland@arm.com (Mark Rutland) · 2016-09-15
[PATCH v3 0/7] arm64: Privileged Access Never using TTBR0_EL1 switching · mark.rutland@arm.com (Mark Rutland) · 2016-09-15
[kernel-hardening] Re: [PATCH v3 0/7] arm64: Privileged Access Never using TTBR0_EL1 switching · samitolvanen@google.com (Sami Tolvanen) · 2016-09-29
[kernel-hardening] Re: [PATCH v3 0/7] arm64: Privileged Access Never using TTBR0_EL1 switching · Kees Cook <hidden> · 2016-09-30
[kernel-hardening] Re: [PATCH v3 0/7] arm64: Privileged Access Never using TTBR0_EL1 switching · catalin.marinas@arm.com (Catalin Marinas) · 2016-10-27
[kernel-hardening] Re: [PATCH v3 0/7] arm64: Privileged Access Never using TTBR0_EL1 switching · Kees Cook <hidden> · 2016-10-27
[PATCH v3 0/7] arm64: Privileged Access Never using TTBR0_EL1 switching · Kees Cook <hidden> · 2016-10-14
[PATCH v3 0/7] arm64: Privileged Access Never using TTBR0_EL1 switching · catalin.marinas@arm.com (Catalin Marinas) · 2016-10-15
[PATCH v3 0/7] arm64: Privileged Access Never using TTBR0_EL1 switching · Kees Cook <hidden> · 2016-10-16

[kernel-hardening] Re: [PATCH v3 0/7] arm64: Privileged Access Never using TTBR0_EL1 switching

From: Kees Cook <hidden>
Date: 2016-09-30 18:42:02

On Thu, Sep 29, 2016 at 3:44 PM, Sami Tolvanen [off-list ref] wrote:

On Thu, Sep 15, 2016 at 05:20:45PM +0100, Mark Rutland wrote:

quoted

Likewise, how do we handle __flush_cache_user_range and
flush_icache_range? Some callers (e.g. __do_compat_cache_op) pass in
__user addresses.

Also EXEC_USERSPACE in lkdtm passes a user space address to flush_icache_range
and causes the process to hang when I tested these patches on HiKey.

Adding uaccess_{enable,disable}_not_uao to __flush_cache_user_range appears to
fix the problem.

I had a thought just now on this: is lkdtm maybe doing the wrong thing
here? i.e. should lkdtm be the one do to the uaccess_en/disable
instead of flush_icache_range() itself, since it's the one abusing the
API?

-Kees

-- 
Kees Cook
Nexus Security

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help