Re: [PATCH] lkdtm: Test KUAP directional user access unlocks on powerpc

From: Russell Currey
Date: Fri Jan 31 2020 - 02:01:40 EST

Next message: Sergey Senozhatsky: "Re: [PATCH] printk: Convert a use of sprintf to snprintf in console_unlock"
Previous message: Christophe Leroy: "Re: [PATCH] lkdtm: Test KUAP directional user access unlocks on powerpc"
In reply to: Christophe Leroy: "Re: [PATCH] lkdtm: Test KUAP directional user access unlocks on powerpc"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 2020-01-31 at 07:58 +0100, Christophe Leroy wrote:
>
> Le 31/01/2020 Ã 07:53, Russell Currey a Ãcrit :
> > On Fri, 2020-01-31 at 07:44 +0100, Christophe Leroy wrote:
> > > Le 31/01/2020 Ã 06:31, Russell Currey a Ãcrit :
> > > > + pr_info("attempting bad read at %px with write
> > > > allowed\n",
> > > > ptr);
> > > > + tmp = *ptr;
> > > > + tmp += 0xc0dec0de;
> > > > + prevent_write_to_user(ptr, sizeof(unsigned long));
> > >
> > > Does it work ? I would have thought that if the read fails the
> > > process
> > > will die and the following test won't be performed.
> >
> > Correct, the ACCESS_USERSPACE test does the same thing. Splitting
> > this
> > into separate R and W tests makes sense, even if it is unlikely
> > that
> > one would be broken without the other.
> >
>
> Or once we are using user_access_begin() stuff, we can use
> unsafe_put_user() and unsafe_get_user() which should return an error
> instead of killing the caller.

Even better, and thanks for your work on all this stuff.

- Russell

>
> Christophe

Next message: Sergey Senozhatsky: "Re: [PATCH] printk: Convert a use of sprintf to snprintf in console_unlock"
Previous message: Christophe Leroy: "Re: [PATCH] lkdtm: Test KUAP directional user access unlocks on powerpc"
In reply to: Christophe Leroy: "Re: [PATCH] lkdtm: Test KUAP directional user access unlocks on powerpc"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]