Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/816511/?format=api
{ "id": 816511, "url": "http://patchwork.ozlabs.org/api/patches/816511/?format=api", "web_url": "http://patchwork.ozlabs.org/project/netdev/patch/1505940337-79069-29-git-send-email-keescook@chromium.org/", "project": { "id": 7, "url": "http://patchwork.ozlabs.org/api/projects/7/?format=api", "name": "Linux network development", "link_name": "netdev", "list_id": "netdev.vger.kernel.org", "list_email": "netdev@vger.kernel.org", "web_url": null, "scm_url": null, "webscm_url": null, "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<1505940337-79069-29-git-send-email-keescook@chromium.org>", "list_archive_url": null, "date": "2017-09-20T20:45:34", "name": "[v3,28/31] arm64: Implement thread_struct whitelist for hardened usercopy", "commit_ref": null, "pull_url": null, "state": "not-applicable", "archived": true, "hash": "4e3d7d2fb992538051fbabcfb1bfe25c4c2129d0", "submitter": { "id": 10641, "url": "http://patchwork.ozlabs.org/api/people/10641/?format=api", "name": "Kees Cook", "email": "keescook@chromium.org" }, "delegate": { "id": 34, "url": "http://patchwork.ozlabs.org/api/users/34/?format=api", "username": "davem", "first_name": "David", "last_name": "Miller", "email": "davem@davemloft.net" }, "mbox": "http://patchwork.ozlabs.org/project/netdev/patch/1505940337-79069-29-git-send-email-keescook@chromium.org/mbox/", "series": [ { "id": 4231, "url": "http://patchwork.ozlabs.org/api/series/4231/?format=api", "web_url": "http://patchwork.ozlabs.org/project/netdev/list/?series=4231", "date": "2017-09-20T20:45:22", "name": "Hardened usercopy whitelisting", "version": 3, "mbox": "http://patchwork.ozlabs.org/series/4231/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/816511/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/816511/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<netdev-owner@vger.kernel.org>", "X-Original-To": "patchwork-incoming@ozlabs.org", "Delivered-To": "patchwork-incoming@ozlabs.org", "Authentication-Results": [ "ozlabs.org;\n\tspf=none (mailfrom) smtp.mailfrom=vger.kernel.org\n\t(client-ip=209.132.180.67; helo=vger.kernel.org;\n\tenvelope-from=netdev-owner@vger.kernel.org;\n\treceiver=<UNKNOWN>)", "ozlabs.org; dkim=pass (1024-bit key;\n\tunprotected) header.d=chromium.org header.i=@chromium.org\n\theader.b=\"VKhOr/8e\"; dkim-atps=neutral" ], "Received": [ "from vger.kernel.org (vger.kernel.org [209.132.180.67])\n\tby ozlabs.org (Postfix) with ESMTP id 3xyBvH5kFmz9s8J\n\tfor <patchwork-incoming@ozlabs.org>;\n\tThu, 21 Sep 2017 06:59:39 +1000 (AEST)", "(majordomo@vger.kernel.org) by vger.kernel.org via listexpand\n\tid S1752059AbdITUwv (ORCPT <rfc822;patchwork-incoming@ozlabs.org>);\n\tWed, 20 Sep 2017 16:52:51 -0400", "from mail-pf0-f172.google.com ([209.85.192.172]:54166 \"EHLO\n\tmail-pf0-f172.google.com\" rhost-flags-OK-OK-OK-OK) by vger.kernel.org\n\twith ESMTP id S1751867AbdITUws (ORCPT\n\t<rfc822;netdev@vger.kernel.org>); Wed, 20 Sep 2017 16:52:48 -0400", "by mail-pf0-f172.google.com with SMTP id x78so2110637pff.10\n\tfor <netdev@vger.kernel.org>; Wed, 20 Sep 2017 13:52:47 -0700 (PDT)", "from www.outflux.net\n\t(173-164-112-133-Oregon.hfc.comcastbusiness.net. [173.164.112.133])\n\tby smtp.gmail.com with ESMTPSA id\n\td124sm8414572pfc.42.2017.09.20.13.52.45\n\t(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);\n\tWed, 20 Sep 2017 13:52:46 -0700 (PDT)" ], "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;\n\td=chromium.org; s=google;\n\th=from:to:cc:subject:date:message-id:in-reply-to:references;\n\tbh=TIO9yEqD/ACy+sSJTkZUlH9+FdVlt7R5A85gz6dLfIE=;\n\tb=VKhOr/8e+4p36fhU/rdNY9+gKLXidy/g4IRdL7VdVbEup7FB6SwDobbWjQ69F2nyqi\n\t1nKFW4G0xZ+UasY+a65B567S6oC5f06DmWhWQPKhytT0ta1oX9Tc/DE66ab1QIbgjlnP\n\teCuD1Qgb3LfoXIy8HRkTGjYZSb7KvyHbZO90E=", "X-Google-DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;\n\td=1e100.net; s=20161025;\n\th=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to\n\t:references;\n\tbh=TIO9yEqD/ACy+sSJTkZUlH9+FdVlt7R5A85gz6dLfIE=;\n\tb=jQPu6egeC2AAE+FTAzMnp1EWwsSobZg9MpNZJj2xk6UQujc7fK2mMG020TIOEXb5JY\n\tvy/Bok8DlLtFadMzrfiE6+DqpyyXqP3GKIHCvikg5wikKvxbN4U8+xprnlOesB/SMAdw\n\tpCqaJcZ4t6h6xlIaQTzgua8uS5vEfXCCwvtoWd2v56KfzzwGhkIw6mHGtHvOA4X4k/3d\n\tSdBt0cwP0d4wG719Vt+3dAcbms90vyoTVB696ghTnvJDDxyOwPSz/FFzZIwB5Vqr5G8I\n\t0WkwMyYJx9pIVYddg6wWAfHBESTByGYLmJvRsfBWuWoUkyKBgC9jG5T7UWnB00PxHcui\n\toOOg==", "X-Gm-Message-State": "AHPjjUh4ly2jjEk9LkcXDi6ZBHA743SkED83sceyCTJy9bZrH92B/NNi\n\t3SJkjP57A7sndahNDN2+azdqZw==", "X-Google-Smtp-Source": "AOwi7QB/HEyBIJSiSs2cFJxXLELjSpOxcBXaP2aEHVK2B2TTBd+YM3iOeKcwz8uMGg8jQLHF7Fp4MA==", "X-Received": "by 10.99.105.130 with SMTP id e124mr3440485pgc.420.1505940767514;\n\tWed, 20 Sep 2017 13:52:47 -0700 (PDT)", "From": "Kees Cook <keescook@chromium.org>", "To": "linux-kernel@vger.kernel.org", "Cc": "Kees Cook <keescook@chromium.org>,\n\tCatalin Marinas <catalin.marinas@arm.com>,\n\tWill Deacon <will.deacon@arm.com>,\n\tChristian Borntraeger <borntraeger@de.ibm.com>,\n\tIngo Molnar <mingo@kernel.org>, James Morse <james.morse@arm.com>,\n\t\"Peter Zijlstra (Intel)\" <peterz@infradead.org>,\n\tDave Martin <Dave.Martin@arm.com>, zijun_hu <zijun_hu@htc.com>,\n\tlinux-arm-kernel@lists.infradead.org,\n\tlinux-fsdevel@vger.kernel.org, netdev@vger.kernel.org,\n\tlinux-mm@kvack.org, kernel-hardening@lists.openwall.com,\n\tDavid Windsor <dave@nullcore.net>", "Subject": "[PATCH v3 28/31] arm64: Implement thread_struct whitelist for\n\thardened usercopy", "Date": "Wed, 20 Sep 2017 13:45:34 -0700", "Message-Id": "<1505940337-79069-29-git-send-email-keescook@chromium.org>", "X-Mailer": "git-send-email 2.7.4", "In-Reply-To": "<1505940337-79069-1-git-send-email-keescook@chromium.org>", "References": "<1505940337-79069-1-git-send-email-keescook@chromium.org>", "Sender": "netdev-owner@vger.kernel.org", "Precedence": "bulk", "List-ID": "<netdev.vger.kernel.org>", "X-Mailing-List": "netdev@vger.kernel.org" }, "content": "This whitelists the FPU register state portion of the thread_struct for\ncopying to userspace, instead of the default entire structure.\n\nCc: Catalin Marinas <catalin.marinas@arm.com>\nCc: Will Deacon <will.deacon@arm.com>\nCc: Christian Borntraeger <borntraeger@de.ibm.com>\nCc: Ingo Molnar <mingo@kernel.org>\nCc: James Morse <james.morse@arm.com>\nCc: \"Peter Zijlstra (Intel)\" <peterz@infradead.org>\nCc: Dave Martin <Dave.Martin@arm.com>\nCc: zijun_hu <zijun_hu@htc.com>\nCc: linux-arm-kernel@lists.infradead.org\nSigned-off-by: Kees Cook <keescook@chromium.org>\n---\n arch/arm64/Kconfig | 1 +\n arch/arm64/include/asm/processor.h | 8 ++++++++\n 2 files changed, 9 insertions(+)", "diff": "diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig\nindex 0df64a6a56d4..e190f9901aef 100644\n--- a/arch/arm64/Kconfig\n+++ b/arch/arm64/Kconfig\n@@ -73,6 +73,7 @@ config ARM64\n \tselect HAVE_ARCH_MMAP_RND_BITS\n \tselect HAVE_ARCH_MMAP_RND_COMPAT_BITS if COMPAT\n \tselect HAVE_ARCH_SECCOMP_FILTER\n+\tselect HAVE_ARCH_THREAD_STRUCT_WHITELIST\n \tselect HAVE_ARCH_TRACEHOOK\n \tselect HAVE_ARCH_TRANSPARENT_HUGEPAGE\n \tselect HAVE_ARCH_VMAP_STACK\ndiff --git a/arch/arm64/include/asm/processor.h b/arch/arm64/include/asm/processor.h\nindex 29adab8138c3..759c4d90ac7f 100644\n--- a/arch/arm64/include/asm/processor.h\n+++ b/arch/arm64/include/asm/processor.h\n@@ -90,6 +90,14 @@ struct thread_struct {\n \tstruct debug_info\tdebug;\t\t/* debugging */\n };\n \n+/* Whitelist the fpsimd_state for copying to userspace. */\n+static inline void arch_thread_struct_whitelist(unsigned long *offset,\n+\t\t\t\t\t\tunsigned long *size)\n+{\n+\t*offset = offsetof(struct thread_struct, fpsimd_state);\n+\t*size = sizeof(struct fpsimd_state);\n+}\n+\n #ifdef CONFIG_COMPAT\n #define task_user_tls(t)\t\t\t\t\t\t\\\n ({\t\t\t\t\t\t\t\t\t\\\n", "prefixes": [ "v3", "28/31" ] }