Piteball/android_kernel_google_msm
1
0
Fork 0
mirror of https://github.com/followmsi/android_kernel_google_msm.git synced 2024-11-06 23:17:41 +00:00
Code Issues Projects Releases Wiki Activity
android_kernel_google_msm/arch/x86
History
Kees Cook 159eb103ba mm: Tighten x86 /dev/mem with zeroing reads 
Under CONFIG_STRICT_DEVMEM, reading System RAM through /dev/mem is
disallowed. However, on x86, the first 1MB was always allowed for BIOS
and similar things, regardless of it actually being System RAM. It was
possible for heap to end up getting allocated in low 1MB RAM, and then
read by things like x86info or dd, which would trip hardened usercopy:

usercopy: kernel memory exposure attempt detected from ffff880000090000 (dma-kmalloc-256) (4096 bytes)

This changes the x86 exception for the low 1MB by reading back zeros for
System RAM areas instead of blindly allowing them. More work is needed to
extend this to mmap, but currently mmap doesn't go through usercopy, so
hardened usercopy won't Oops the kernel.

Change-Id: I27594af6146e7643217e3babcfd088592b7dbd4b
Reported-by: Tommi Rantala <tommi.t.rantala@nokia.com>
Tested-by: Tommi Rantala <tommi.t.rantala@nokia.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
2017-07-04 12:34:19 +03:00
..
boot x86, realmode: 16-bit real-mode code support for relocs tool 2012-05-18 19:49:40 -07:00
configs x86/kconfig: Remove CONFIG_TR=y from the defconfigs 2012-03-24 08:18:03 +01:00
crypto Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 2012-03-22 20:19:30 -07:00
ia32 signal, x86: add SIGSYS info and make it synchronous. 2014-10-31 19:46:15 -07:00
include/asm smp: Add task_struct argument to __cpu_up() 2016-10-29 23:12:38 +08:00
kernel mm: larger stack guard gap, between vmas 2017-07-02 13:03:27 +03:00
kvm KVM: ensure async PF event wakes up vcpu from halt 2012-05-06 14:56:54 +03:00
lguest
lib Merge branch 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2012-04-16 18:35:21 -07:00
math-emu x86: Rename trap_no to trap_nr in thread_struct 2012-03-13 06:24:09 +01:00
mm mm: Tighten x86 /dev/mem with zeroing reads 2017-07-04 12:34:19 +03:00
net bpf jit: Let the x86 jit handle negative offsets 2012-04-03 18:01:41 -04:00
oprofile
pci Merge branch 'linux-next' of git://git.kernel.org/pub/scm/linux/kernel/git/jbarnes/pci 2012-03-23 14:02:12 -07:00
platform arch/x86/platform/geode/net5501.c: change active_low to 0 for LED driver 2012-05-04 14:40:07 -07:00
power x86, kvm: Call restore_sched_clock_state() only after %gs is initialized 2012-04-02 13:53:00 +02:00
syscalls seccomp: add "seccomp" syscall 2014-10-31 19:46:27 -07:00
tools x86, relocs: When printing an error, say relative or absolute 2012-05-18 19:50:02 -07:00
um um: Use asm-generic/switch_to.h 2012-04-10 00:13:45 +02:00
vdso Merge branch 'x86-x32-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2012-03-29 18:12:23 -07:00
video
xen xen/pci: don't use PCI BIOS service for configuration space accesses 2012-05-07 12:16:21 -04:00
.gitignore
Kbuild
Kconfig Change-Id: I7c9d49079d4e18390c2d520513a4afd55e6eaa3e 2014-10-31 19:46:17 -07:00
Kconfig.cpu
Kconfig.debug
Makefile x86, realmode: 16-bit real-mode code support for relocs tool 2012-05-18 19:49:40 -07:00
Makefile.um um: fix linker script generation 2012-04-09 13:59:00 -04:00
Makefile_32.cpu