Re: [kernel-hardening] Re: [PATCH v2 02/11] mm: Hardened usercopy

From: Daniel Micay
Date: Fri Jul 15 2016 - 15:01:26 EST

Next message: Ross Zwisler: "Re: mm: GPF in find_get_pages_tag"
Previous message: Ross Zwisler: "Re: [PATCH] radix-tree: fix radix_tree_iter_retry() for tagged iterators."
In reply to: Kees Cook: "Re: [PATCH v2 02/11] mm: Hardened usercopy"
Next in thread: Kees Cook: "Re: [kernel-hardening] Re: [PATCH v2 02/11] mm: Hardened usercopy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> This could be a BUG, but I'd rather not panic the entire kernel.

It seems unlikely that it will panic without panic_on_oops and that's
an explicit opt-in to taking down the system on kernel logic errors
exactly like this. In grsecurity, it calls the kernel exploit handling
logic (panic if root, otherwise kill all process of that user and ban
them until reboot) but that same logic is also called for BUG via oops
handling so there's only really a distinction with panic_on_oops=1.

Does it make sense to be less fatal for a fatal assertion that's more
likely to be security-related? Maybe you're worried about having some
false positives for the whitelisting portion, but I don't think those
will lurk around very long with the way this works.

Attachment: signature.asc
Description: This is a digitally signed message part

Next message: Ross Zwisler: "Re: mm: GPF in find_get_pages_tag"
Previous message: Ross Zwisler: "Re: [PATCH] radix-tree: fix radix_tree_iter_retry() for tagged iterators."
In reply to: Kees Cook: "Re: [PATCH v2 02/11] mm: Hardened usercopy"
Next in thread: Kees Cook: "Re: [kernel-hardening] Re: [PATCH v2 02/11] mm: Hardened usercopy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]