diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2016-08-08 17:48:14 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2016-08-08 17:48:14 -0400 |
| commit | 1eccfa090eaea22558570054bbdc147817e1df5e (patch) | |
| tree | a0adfdb87319abef88f575ee34314649193b7e92 /security | |
| parent | 1bd4403d86a1c06cb6cc9ac87664a0c9d3413d51 (diff) | |
| parent | ed18adc1cdd00a5c55a20fbdaed4804660772281 (diff) | |
Merge tag 'usercopy-v4.8' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux
Pull usercopy protection from Kees Cook:
"Tbhis implements HARDENED_USERCOPY verification of copy_to_user and
copy_from_user bounds checking for most architectures on SLAB and
SLUB"
* tag 'usercopy-v4.8' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux:
mm: SLUB hardened usercopy support
mm: SLAB hardened usercopy support
s390/uaccess: Enable hardened usercopy
sparc/uaccess: Enable hardened usercopy
powerpc/uaccess: Enable hardened usercopy
ia64/uaccess: Enable hardened usercopy
arm64/uaccess: Enable hardened usercopy
ARM: uaccess: Enable hardened usercopy
x86/uaccess: Enable hardened usercopy
mm: Hardened usercopy
mm: Implement stack frame object validation
mm: Add is_migrate_cma_page
Diffstat (limited to 'security')
| -rw-r--r-- | security/Kconfig | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/security/Kconfig b/security/Kconfig index 176758cdfa57..df28f2b6f3e1 100644 --- a/security/Kconfig +++ b/security/Kconfig | |||
| @@ -118,6 +118,34 @@ config LSM_MMAP_MIN_ADDR | |||
| 118 | this low address space will need the permission specific to the | 118 | this low address space will need the permission specific to the |
| 119 | systems running LSM. | 119 | systems running LSM. |
| 120 | 120 | ||
| 121 | config HAVE_HARDENED_USERCOPY_ALLOCATOR | ||
| 122 | bool | ||
| 123 | help | ||
| 124 | The heap allocator implements __check_heap_object() for | ||
| 125 | validating memory ranges against heap object sizes in | ||
| 126 | support of CONFIG_HARDENED_USERCOPY. | ||
| 127 | |||
| 128 | config HAVE_ARCH_HARDENED_USERCOPY | ||
| 129 | bool | ||
| 130 | help | ||
| 131 | The architecture supports CONFIG_HARDENED_USERCOPY by | ||
| 132 | calling check_object_size() just before performing the | ||
| 133 | userspace copies in the low level implementation of | ||
| 134 | copy_to_user() and copy_from_user(). | ||
| 135 | |||
| 136 | config HARDENED_USERCOPY | ||
| 137 | bool "Harden memory copies between kernel and userspace" | ||
| 138 | depends on HAVE_ARCH_HARDENED_USERCOPY | ||
| 139 | select BUG | ||
| 140 | help | ||
| 141 | This option checks for obviously wrong memory regions when | ||
| 142 | copying memory to/from the kernel (via copy_to_user() and | ||
| 143 | copy_from_user() functions) by rejecting memory ranges that | ||
| 144 | are larger than the specified heap object, span multiple | ||
| 145 | separately allocates pages, are not on the process stack, | ||
| 146 | or are part of the kernel text. This kills entire classes | ||
| 147 | of heap overflow exploits and similar kernel memory exposures. | ||
| 148 | |||
| 121 | source security/selinux/Kconfig | 149 | source security/selinux/Kconfig |
| 122 | source security/smack/Kconfig | 150 | source security/smack/Kconfig |
| 123 | source security/tomoyo/Kconfig | 151 | source security/tomoyo/Kconfig |