[RFC PATCH] arm64: fault: Don't populate ESR context for user fault on kernel VA
Catalin Marinas
catalin.marinas at arm.com
Tue Mar 6 06:49:06 PST 2018
On Mon, Mar 05, 2018 at 02:05:06PM +0000, Dave P Martin wrote:
> On Mon, Mar 05, 2018 at 10:31:15AM +0000, Will Deacon wrote:
> > User faults on kernel addresses are a good sign that the faulting task
> > is either up to no good or is in deep trouble. In such situations,
> > exposing the optional ESR context on the sigframe as part of the
> > delivered signal is only useful to attackers who are using information
> > about the underlying hardware fault (e.g. translation vs permission) as a
> > mechanism to defeat KASLR.
> >
> > Remove the ESR context from the sigframe for user faults on kernel
> > addresses.
>
> As this wording suggests, this change causes esr_context to disappear
> entirely from the signal frame. Previously, I think user code could
> have relied on its being present for certain signals.
>
> Does Debian's codesearch throw up any nontrivial users of esr_context?
The request for ESR context came from the qemu people. Cc'ing Peter
Maydell (and bouncing the rest of the thread to him separately).
--
Catalin
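The thread turns on whether user code can rely on an esr_context record being present in the sigframe. The program below is an added example, not code from the patch or from anyone in the thread: it walks the variable-length record list that arm64 places in the __reserved area of the signal frame and treats a missing ESR record as the normal case, which is what a signal handler must do once this patch is applied. The record header, the magic numbers and the esr_context layout are those of the arm64 uapi <asm/sigcontext.h>, redeclared here so the example builds on any host; the function names (find_esr_context, fault_kind, build_reserved), the constructed sample area and the sample ESR value are assumptions made for this example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/*
 * Layout from the arm64 uapi <asm/sigcontext.h>, redeclared so this builds on
 * any host. The __reserved area is a sequence of records, each starting with
 * a _aarch64_ctx header, terminated by a header with magic == 0 && size == 0.
 */
#define RESERVED_SIZE 4096u
#define FPSIMD_MAGIC  0x46508001u
#define ESR_MAGIC     0x45535201u

struct aarch64_ctx { uint32_t magic; uint32_t size; };
struct esr_context { struct aarch64_ctx head; uint64_t esr; };

/* ESR_ELx fields needed to tell a translation fault from a permission fault. */
#define ESR_EC(esr)  (((esr) >> 26) & 0x3f)
#define ESR_FSC(esr) ((esr) & 0x3f)
#define EC_IABT_LOW  0x20u   /* instruction abort taken from EL0 */
#define EC_DABT_LOW  0x24u   /* data abort taken from EL0 */

/*
 * Walk the __reserved area (hypothetical helper name).
 * Returns 1 and stores the ESR if an esr_context record is found,
 * 0 if the terminator is reached first (no ESR: the case this patch creates
 * for user faults on kernel addresses), -1 if the record list is malformed.
 */
int find_esr_context(const uint8_t *reserved, size_t len, uint64_t *esr_out)
{
    size_t off = 0;
    while (off + sizeof(struct aarch64_ctx) <= len) {
        struct aarch64_ctx h;
        memcpy(&h, reserved + off, sizeof h);
        if (h.magic == 0 && h.size == 0)
            return 0;                              /* terminator: no ESR record */
        if (h.size < sizeof h || h.size > len - off)
            return -1;                             /* would run off the area */
        if (h.magic == ESR_MAGIC) {
            struct esr_context e;
            if (h.size != sizeof e)
                return -1;
            memcpy(&e, reserved + off, sizeof e);
            *esr_out = e.esr;
            return 1;
        }
        off += h.size;                             /* skip record we don't care about */
    }
    return -1;                                     /* no terminator before end of area */
}

/* Classify an EL0 abort by its fault status code (bits [5:0] of ESR_ELx). */
const char *fault_kind(uint64_t esr)
{
    uint32_t ec = ESR_EC(esr), fsc = ESR_FSC(esr);
    if (ec != EC_IABT_LOW && ec != EC_DABT_LOW)
        return "not-an-abort";
    if ((fsc & 0x3c) == 0x04) return "translation";   /* 0b0001LL */
    if ((fsc & 0x3c) == 0x08) return "access-flag";   /* 0b0010LL */
    if ((fsc & 0x3c) == 0x0c) return "permission";    /* 0b0011LL */
    return "other";
}

/*
 * Constructed sample __reserved area (not a real sigframe): an FPSIMD record
 * of its real size (528 bytes), optionally an esr_context record, then the
 * zero terminator. Returns the number of bytes used.
 */
size_t build_reserved(uint8_t *buf, int with_esr, uint64_t esr)
{
    size_t off = 0;
    struct aarch64_ctx fp = { FPSIMD_MAGIC, 528 };
    memset(buf, 0, RESERVED_SIZE);
    memcpy(buf + off, &fp, sizeof fp);
    off += fp.size;
    if (with_esr) {
        struct esr_context e = { { ESR_MAGIC, sizeof(struct esr_context) }, esr };
        memcpy(buf + off, &e, sizeof e);
        off += sizeof e;
    }
    off += sizeof(struct aarch64_ctx);   /* terminator is already zero from memset */
    return off;
}

int main(void)
{
    uint8_t buf[RESERVED_SIZE];
    uint64_t esr = 0;
    /* Constructed ESR: data abort from EL0, level-1 translation fault. */
    uint64_t sample = ((uint64_t)EC_DABT_LOW << 26) | 0x05;

    build_reserved(buf, 1, sample);
    if (find_esr_context(buf, RESERVED_SIZE, &esr) == 1)
        printf("esr_context present: esr=%#llx (%s fault)\n",
               (unsigned long long)esr, fault_kind(esr));

    build_reserved(buf, 0, 0);
    if (find_esr_context(buf, RESERVED_SIZE, &esr) == 0)
        printf("esr_context absent: rely on si_code/si_addr only\n");
    return 0;
}
```

In a real handler the area to walk is `((ucontext_t *)uc)->uc_mcontext.__reserved`, which only exists on arm64; the point of the walk returning 0 rather than failing is that, after this change, a SIGSEGV for a kernel address carries no ESR record, and code that previously hard-coded its presence for that signal will otherwise read garbage or the next record's header.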