[kernel-hardening] Re: [PATCH v9 1/4] syscalls: Verify address limit before returning to user-mode
From: hch@infradead.org (Christoph Hellwig)
Date: 2017-05-09 16:04:48
Also in:
linux-api, linux-s390, lkml
On Tue, May 09, 2017 at 06:02:50AM -0700, Christoph Hellwig wrote:
On Tue, May 09, 2017 at 06:00:01AM -0700, Andy Lutomirski wrote:quoted
fs/splice.c has some, ahem, interesting uses that have been the source of nasty exploits in the past. Converting them to use iov_iter properly would be really, really nice. Christoph, I don't suppose you'd like to do that?I can take care of all the fs code including this one.
I spent the afternoon hacking up where I'd like this to head. It's completely untested as of now: http://git.infradead.org/users/hch/vfs.git/shortlog/refs/heads/setfs-elimination