[PATCH 1/9] mm: Hardened usercopy

Michael Ellerman mpe at ellerman.id.au
Fri Jul 8 15:34:19 AEST 2016


Kees Cook <keescook at chromium.org> writes:

> On Thu, Jul 7, 2016 at 4:01 AM, Arnd Bergmann <arnd at arndb.de> wrote:
>> On Wednesday, July 6, 2016 3:25:20 PM CEST Kees Cook wrote:
>>> +
>>> +     /* Allow kernel rodata region (if not marked as Reserved). */
>>> +     if (ptr >= (const void *)__start_rodata &&
>>> +         end <= (const void *)__end_rodata)
>>> +             return NULL;
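Review bot: the range test `ptr >= (const void *)__start_rodata && end <= (const void *)__end_rodata` takes the "Allow" path (`return NULL`) for any object inside rodata without looking at the copy direction, so a copy whose destination is rodata passes this check the same way as one that only reads from it. If the direction is known at this point, allow only the read case and reject the write case explicitly, so the result does not depend on page protection being present. The comment also says "if not marked as Reserved", but nothing in these lines tests that condition; either note where it is enforced or drop the parenthetical.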
>>
>> Should we explicitly forbid writing to rodata, or is it enough to
>> rely on page protection here?
>
> Hm, interesting. That's a very small check to add. My knee-jerk is to
> just leave it up to page protection. I'm on the fence. :)

There are platforms that don't have page protection, so it would be nice
if they could at least opt in to checking for it here.

cheers


More information about the Linuxppc-dev mailing list