[PATCH] ARM: fault: Implement copy_from_kernel_nofault_allowed()
Ard Biesheuvel
ardb at kernel.org
Tue Jan 23 05:44:37 PST 2024
On Tue, 23 Jan 2024 at 02:12, Kees Cook <keescook at chromium.org> wrote:
>
> Under PAN emulation when dumping backtraces from things like the
> LKDTM EXEC_USERSPACE test[1], a double fault (which would hang a CPU)
> would happen because of dump_instr() attempting to read a userspace
> address. Make sure copy_from_kernel_nofault() does not attempt this
> any more.
>
> Reported-by: Mark Brown <broonie at kernel.org>
> Link: https://lore.kernel.org/all/202401181125.D48DCB4C@keescook/ [1]
> Suggested-by: "Russell King (Oracle)" <linux at armlinux.org.uk>
> Cc: Russell King <linux at armlinux.org.uk>
> Cc: Ard Biesheuvel <ardb at kernel.org>
> Cc: Wang Kefeng <wangkefeng.wang at huawei.com>
> Cc: Andrew Morton <akpm at linux-foundation.org>
> Cc: Ben Hutchings <ben at decadent.org.uk>
> Cc: linux-arm-kernel at lists.infradead.org
> Signed-off-by: Kees Cook <keescook at chromium.org>
Reviewed-by: Ard Biesheuvel <ardb at kernel.org>
> ---
> arch/arm/mm/fault.c | 7 +++++++
> 1 file changed, 7 insertions(+)
>
> diff --git a/arch/arm/mm/fault.c b/arch/arm/mm/fault.c
> index e804432e905e..bc5b959b6f90 100644
> --- a/arch/arm/mm/fault.c
> +++ b/arch/arm/mm/fault.c
> @@ -25,6 +25,13 @@
>
> #include "fault.h"
>
> +bool copy_from_kernel_nofault_allowed(const void *unsafe_src, size_t size)
> +{
> + unsigned long addr = (unsigned long)unsafe_src;
> +
> + return addr >= TASK_SIZE && ULONG_MAX - addr >= size;
> +}
> +
> #ifdef CONFIG_MMU
>
> /*
> --
> 2.34.1
>
More information about the linux-arm-kernel
mailing list