usercopy: remove page-spanning test for now

A custom allocator without __GFP_COMP that copies to userspace has been found in vmw_execbuf_process[1], so this disables the page-span checker by placing it behind a CONFIG for future work where such things can be tracked down later. [1] https://bugzilla.redhat.com/show_bug.cgi?id=1373326 Reported-by: Vinson Lee <vlee@freedesktop.org> Fixes: f5509cc18daa ("mm: Hardened usercopy") Signed-off-by: Kees Cook <keescook@chromium.org>
author: Kees Cook <keescook@chromium.org> 2016-09-07 12:54:34 -0400
committer: Kees Cook <keescook@chromium.org> 2016-09-07 14:33:26 -0400
commit: 8e1f74ea02cf4562404c48c6882214821552c13f (patch)
tree: 931135d5d5cf00255d596520bd59c4067d669c22 /security
parent: a85d6b8242dc78ef3f4542a0f979aebcbe77fc4e (diff)
1 files changed, 11 insertions, 0 deletions
diff --git a/security/Kconfig b/security/Kconfig
index da10d9b573a4..2dfc0ce4083e 100644
--- a/security/Kconfig
+++ b/security/Kconfig
@@ -147,6 +147,17 @@ config HARDENED_USERCOPY
          or are part of the kernel text. This kills entire classes
          of heap overflow exploits and similar kernel memory exposures.
+config HARDENED_USERCOPY_PAGESPAN
+        bool "Refuse to copy allocations that span multiple pages"
+        depends on HARDENED_USERCOPY
+        depends on !COMPILE_TEST
+        help
+          When a multi-page allocation is done without __GFP_COMP,
+          hardened usercopy will reject attempts to copy it. There are,
+          however, several cases of this in the kernel that have not all
+          been removed. This config is intended to be used only while
+          trying to find such users.
 source security/selinux/Kconfig
 source security/smack/Kconfig
 source security/tomoyo/Kconfig
author	Kees Cook <keescook@chromium.org>	2016-09-07 12:54:34 -0400
committer	Kees Cook <keescook@chromium.org>	2016-09-07 14:33:26 -0400
commit	8e1f74ea02cf4562404c48c6882214821552c13f (patch)
tree	931135d5d5cf00255d596520bd59c4067d669c22 /security
parent	a85d6b8242dc78ef3f4542a0f979aebcbe77fc4e (diff)

diff --git a/security/Kconfig b/security/Kconfig index da10d9b573a4..2dfc0ce4083e 100644 --- a/security/Kconfig +++ b/security/Kconfig
@@ -147,6 +147,17 @@ config HARDENED_USERCOPY
147	or are part of the kernel text. This kills entire classes	147	or are part of the kernel text. This kills entire classes
148	of heap overflow exploits and similar kernel memory exposures.	148	of heap overflow exploits and similar kernel memory exposures.
149		149
		150	config HARDENED_USERCOPY_PAGESPAN
		151	bool "Refuse to copy allocations that span multiple pages"
		152	depends on HARDENED_USERCOPY
		153	depends on !COMPILE_TEST
		154	help
		155	When a multi-page allocation is done without __GFP_COMP,
		156	hardened usercopy will reject attempts to copy it. There are,
		157	however, several cases of this in the kernel that have not all
		158	been removed. This config is intended to be used only while
		159	trying to find such users.
		160
150	source security/selinux/Kconfig	161	source security/selinux/Kconfig
151	source security/smack/Kconfig	162	source security/smack/Kconfig
152	source security/tomoyo/Kconfig	163	source security/tomoyo/Kconfig