Hosts the 0x221E linux distro kernel. https://universe.0xinfinity.dev/distro/kernel/atom?h=linux-4.15.y 2017-09-17T17:45:33Z 2017-09-17T17:45:33Z Thomas Garnier thgarnie@google.com 2017-09-07T15:30:45Z urn:sha1:2404269bc4e77a67875c8db6667be34c9913c96e This reverts commit 73ac5d6a2b6ac3ae8d1e1818f3e9946f97489bc9. The work pending loop can call set_fs after addr_limit_user_check removed the _TIF_FSCHECK flag. This may happen at anytime based on how ARM handles alignment exceptions. It leads to an infinite loop condition. After discussion, it has been agreed that the generic approach is not tailored to the ARM architecture and any fix might not be complete. This patch will be replaced by an architecture specific implementation. The work flag approach will be kept for other architectures. Reported-by: Leonard Crestez <leonard.crestez@nxp.com> Signed-off-by: Thomas Garnier <thgarnie@google.com> Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Cc: Pratyush Anand <panand@redhat.com> Cc: Dave Martin <Dave.Martin@arm.com> Cc: Will Drewry <wad@chromium.org> Cc: Arnd Bergmann <arnd@arndb.de> Cc: Catalin Marinas <catalin.marinas@arm.com> Cc: Will Deacon <will.deacon@arm.com> Cc: Russell King <linux@armlinux.org.uk> Cc: Andy Lutomirski <luto@amacapital.net> Cc: David Howells <dhowells@redhat.com> Cc: Dave Hansen <dave.hansen@intel.com> Cc: Al Viro <viro@zeniv.linux.org.uk> Cc: linux-api@vger.kernel.org Cc: Yonghong Song <yhs@fb.com> Cc: linux-arm-kernel@lists.infradead.org Link: http://lkml.kernel.org/r/1504798247-48833-3-git-send-email-keescook@chromium.org 2017-09-04T18:18:17Z Linus Torvalds torvalds@linux-foundation.org 2017-09-04T18:18:17Z urn:sha1:6c51e67b64d169419fb13318035bb442f9176612 Pull syscall updates from Ingo Molnar: "Improve the security of set_fs(): we now check the address limit on a number of key platforms (x86, arm, arm64) before returning to user-space - without adding overhead to the typical system call fast path" * 'x86-syscall-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: arm64/syscalls: Check address limit on user-mode return arm/syscalls: Check address limit on user-mode return x86/syscalls: Check address limit on user-mode return 2017-07-15T18:17:52Z Linus Torvalds torvalds@linux-foundation.org 2017-07-15T18:17:52Z urn:sha1:89cbec71fead552fdd1fa38c57186669dfbba734 Pull uacess-unaligned removal from Al Viro: "That stuff had just one user, and an exotic one, at that - binfmt_flat on arm and m68k" * 'work.uaccess-unaligned' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: kill {__,}{get,put}_user_unaligned() binfmt_flat: flat_{get,put}_addr_from_rp() should be able to fail 2017-07-08T12:05:33Z Thomas Garnier thgarnie@google.com 2017-06-15T01:12:02Z urn:sha1:73ac5d6a2b6ac3ae8d1e1818f3e9946f97489bc9 Ensure the address limit is a user-mode segment before returning to user-mode. Otherwise a process can corrupt kernel-mode memory and elevate privileges [1]. The set_fs function sets the TIF_SETFS flag to force a slow path on return. In the slow path, the address limit is checked to be USER_DS if needed. The TIF_SETFS flag is added to _TIF_WORK_MASK shifting _TIF_SYSCALL_WORK for arm instruction immediate support. The global work mask is too big to used on a single instruction so adapt ret_fast_syscall. [1] https://bugs.chromium.org/p/project-zero/issues/detail?id=990 Signed-off-by: Thomas Garnier <thgarnie@google.com> Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Cc: Mark Rutland <mark.rutland@arm.com> Cc: kernel-hardening@lists.openwall.com Cc: Catalin Marinas <catalin.marinas@arm.com> Cc: Will Deacon <will.deacon@arm.com> Cc: David Howells <dhowells@redhat.com> Cc: Dave Hansen <dave.hansen@intel.com> Cc: Miroslav Benes <mbenes@suse.cz> Cc: Chris Metcalf <cmetcalf@mellanox.com> Cc: Pratyush Anand <panand@redhat.com> Cc: Russell King <linux@armlinux.org.uk> Cc: Petr Mladek <pmladek@suse.com> Cc: Rik van Riel <riel@redhat.com> Cc: Kees Cook <keescook@chromium.org> Cc: Arnd Bergmann <arnd@arndb.de> Cc: Al Viro <viro@zeniv.linux.org.uk> Cc: Andy Lutomirski <luto@kernel.org> Cc: Josh Poimboeuf <jpoimboe@redhat.com> Cc: linux-arm-kernel@lists.infradead.org Cc: Will Drewry <wad@chromium.org> Cc: linux-api@vger.kernel.org Cc: Oleg Nesterov <oleg@redhat.com> Cc: Andy Lutomirski <luto@amacapital.net> Cc: Paolo Bonzini <pbonzini@redhat.com> Link: http://lkml.kernel.org/r/20170615011203.144108-2-thgarnie@google.com 2017-07-03T22:44:22Z Al Viro viro@zeniv.linux.org.uk 2017-05-03T00:06:33Z urn:sha1:3170d8d226c2053355f3946b4b5ded4c006fe6d4 no users left Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 2017-05-16T03:40:22Z Al Viro viro@zeniv.linux.org.uk 2017-04-07T21:20:01Z urn:sha1:82985258390e85289940d3663344197344e071f2 no callers, no consistent semantics, no sane way to use it... Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 2017-03-28T22:23:22Z Al Viro viro@zeniv.linux.org.uk 2017-03-21T12:23:33Z urn:sha1:4de5b63e76b2e672478e49622dabe2666b7f727f Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 2017-03-28T22:23:22Z Al Viro viro@zeniv.linux.org.uk 2016-12-25T08:33:03Z urn:sha1:0f9b38cd79d528c1e19693899d989521778cc245 Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 2017-03-28T20:43:25Z Al Viro viro@zeniv.linux.org.uk 2017-03-21T01:08:07Z urn:sha1:db68ce10c4f0a27c1ff9fa0e789e5c41f8c4ea63 Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 2017-03-06T02:57:49Z Al Viro viro@zeniv.linux.org.uk 2016-12-27T23:14:09Z urn:sha1:af1d5b37d6211c814fac0d5d0b71ec695618054a Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>