git.kernel.dk Git - linux-2.6-block.git/commit

author	Kees Cook <keescook@chromium.org>
	Thu, 30 Nov 2017 21:04:32 +0000 (13:04 -0800)
committer	Kees Cook <keescook@chromium.org>
	Mon, 15 Jan 2018 20:07:48 +0000 (12:07 -0800)
commit	2d891fbc3bb681ba1f826e7ee70dbe38ca7465fe
tree	1dac3dd3aac5a0fed8046b6f85bd944211260c70	tree \| snapshot
parent	afcc90f8621e289cd082ba97900e76f01afe778c	commit \| diff

usercopy: Allow strict enforcement of whitelists

This introduces CONFIG_HARDENED_USERCOPY_FALLBACK to control the
behavior of hardened usercopy whitelist violations. By default, whitelist
violations will continue to WARN() so that any bad or missing usercopy
whitelists can be discovered without being too disruptive.

If this config is disabled at build time or a system is booted with
"slab_common.usercopy_fallback=0", usercopy whitelists will BUG() instead
of WARN(). This is useful for admins that want to use usercopy whitelists
immediately.

Suggested-by: Matthew Garrett <mjg59@google.com>
Signed-off-by: Kees Cook <keescook@chromium.org>

include/linux/slab.h		diff \| blob \| blame \| history
mm/slab.c		diff \| blob \| blame \| history
mm/slab_common.c		diff \| blob \| blame \| history
mm/slub.c		diff \| blob \| blame \| history
security/Kconfig		diff \| blob \| blame \| history