[kernel-hardening] Re: [PATCH v9 1/4] syscalls: Verify address limit before returning to user-mode
Al Viro
viro at ZenIV.linux.org.uk
Tue May 9 19:11:18 PDT 2017
On Tue, May 09, 2017 at 09:03:22AM -0700, Christoph Hellwig wrote:
> On Tue, May 09, 2017 at 06:02:50AM -0700, Christoph Hellwig wrote:
> > On Tue, May 09, 2017 at 06:00:01AM -0700, Andy Lutomirski wrote:
> > > fs/splice.c has some, ahem, interesting uses that have been the source
> > > of nasty exploits in the past. Converting them to use iov_iter
> > > properly would be really, really nice. Christoph, I don't suppose
> > > you'd like to do that?
> >
> > I can take care of all the fs code including this one.
Oh?
> I spent the afternoon hacking up where I'd like this to head. It's
> completely untested as of now:
>
> http://git.infradead.org/users/hch/vfs.git/shortlog/refs/heads/setfs-elimination
And just what happens to driver that has no ->read_iter()? Unless I'm
seriously misreading that, NAK with extreme prejudice.
More information about the linux-arm-kernel
mailing list