[kernel-hardening] Re: [PATCH v2 02/11] mm: Hardened usercopy
Kees Cook
keescook at chromium.org
Fri Jul 15 12:23:11 PDT 2016
On Fri, Jul 15, 2016 at 12:19 PM, Daniel Micay <danielmicay at gmail.com> wrote:
>> I'd like it to dump stack and be fatal to the process involved, but
>> yeah, I guess BUG() would work. Creating an infrastructure for
>> handling security-related Oopses can be done separately from this
>> (and
>> I'd like to see that added, since it's a nice bit of configurable
>> reactivity to possible attacks).
>
> In grsecurity, the oops handling also uses do_group_exit instead of
> do_exit but both that change (or at least the option to do it) and the
> exploit handling could be done separately from this without actually
> needing special treatment for USERCOPY. Could expose is as something
> like panic_on_oops=2 as a balance between the existing options.
I'm also uncomfortable about BUG() being removed by unsetting
CONFIG_BUG, but that seems unlikely. :)
-Kees
--
Kees Cook
Chrome OS & Brillo Security
More information about the linux-arm-kernel
mailing list