[kernel-hardening] Re: [PATCH v2 02/11] mm: Hardened usercopy

Kees Cook keescook at chromium.org
Sat Jul 16 05:23:11 AEST 2016

On Fri, Jul 15, 2016 at 12:19 PM, Daniel Micay <danielmicay at gmail.com> wrote:
>> I'd like it to dump stack and be fatal to the process involved, but
>> yeah, I guess BUG() would work. Creating an infrastructure for
>> handling security-related Oopses can be done separately from this
>> (and
>> I'd like to see that added, since it's a nice bit of configurable
>> reactivity to possible attacks).
> In grsecurity, the oops handling also uses do_group_exit instead of
> do_exit but both that change (or at least the option to do it) and the
> exploit handling could be done separately from this without actually
> needing special treatment for USERCOPY. Could expose is as something
> like panic_on_oops=2 as a balance between the existing options.

I'm also uncomfortable about BUG() being removed by unsetting
CONFIG_BUG, but that seems unlikely. :)


Kees Cook
Chrome OS & Brillo Security

More information about the Linuxppc-dev mailing list