summaryrefslogtreecommitdiff
path: root/security
diff options
context:
space:
mode:
authorKees Cook <keescook@chromium.org>2017-12-01 13:19:39 -0800
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>2017-12-18 15:59:17 +0100
commit22ec1a2aea73b9dfe340dff7945bd85af4cc6280 (patch)
tree92c1a38f121417e5702fe1f41ef99ea1004273ae /security
parentd9cc5a0edb705ced4ce91b4c6ee73ec6f5bfa49a (diff)
/dev/mem: Add bounce buffer for copy-out
As done for /proc/kcore in commit df04abfd181a ("fs/proc/kcore.c: Add bounce buffer for ktext data") this adds a bounce buffer when reading memory via /dev/mem. This is needed to allow kernel text memory to be read out when built with CONFIG_HARDENED_USERCOPY (which refuses to read out kernel text) and without CONFIG_STRICT_DEVMEM (which would have refused to read any RAM contents at all). Since this build configuration isn't common (most systems with CONFIG_HARDENED_USERCOPY also have CONFIG_STRICT_DEVMEM), this also tries to inform Kconfig about the recommended settings. This patch is modified from Brad Spengler/PaX Team's changes to /dev/mem code in the last public patch of grsecurity/PaX based on my understanding of the code. Changes or omissions from the original code are mine and don't reflect the original grsecurity/PaX code. Reported-by: Michael Holzheu <holzheu@linux.vnet.ibm.com> Fixes: f5509cc18daa ("mm: Hardened usercopy") Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'security')
-rw-r--r--security/Kconfig1
1 files changed, 1 insertions, 0 deletions
diff --git a/security/Kconfig b/security/Kconfig
index e8e449444e65..3b4effd8bbc2 100644
--- a/security/Kconfig
+++ b/security/Kconfig
@@ -143,6 +143,7 @@ config HARDENED_USERCOPY
bool "Harden memory copies between kernel and userspace"
depends on HAVE_HARDENED_USERCOPY_ALLOCATOR
select BUG
+ imply STRICT_DEVMEM
help
This option checks for obviously wrong memory regions when
copying memory to/from the kernel (via copy_to_user() and