From patchwork Mon Jun 19 23:36:26 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kees Cook X-Patchwork-Id: 9798083 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id EBB7F60381 for ; Mon, 19 Jun 2017 23:40:31 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id E8D7827861 for ; Mon, 19 Jun 2017 23:40:31 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id DD6FD27F92; Mon, 19 Jun 2017 23:40:31 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.4 required=2.0 tests=BAYES_00,DKIM_SIGNED, RCVD_IN_DNSWL_MED, T_DKIM_INVALID, URIBL_BLACK autolearn=ham version=3.3.1 Received: from mother.openwall.net (mother.openwall.net [195.42.179.200]) by mail.wl.linuxfoundation.org (Postfix) with SMTP id 0B15527861 for ; Mon, 19 Jun 2017 23:40:30 +0000 (UTC) Received: (qmail 15976 invoked by uid 550); 19 Jun 2017 23:37:34 -0000 Mailing-List: contact kernel-hardening-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-ID: Delivered-To: mailing list kernel-hardening@lists.openwall.com Received: (qmail 11945 invoked from network); 19 Jun 2017 23:37:06 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=xs2l5c3zWEpgfSKRqH9KjO4UWtNnLEmUuCT32tWx9hE=; b=S63NJqWj0aanER93XrEFVH47pUukQkWQ+joeEl7xtSzd+fbmRWQ+gRbov0QDHbyiCN YvQcP1lACaxh0c5+BI99IJnuVr7I5Qjq5fNShgwv54+nYq6aTZo+si26b/SUxwgSzyNG Of273H9T/YVZDR32RtOUvOSb5uCcxj06Gv9Ew= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=xs2l5c3zWEpgfSKRqH9KjO4UWtNnLEmUuCT32tWx9hE=; b=HCsEmV6J2/+B2DrXa/OmEQIA/cje4pFGWPyww9ePzy+GqzhGKycaU7/FXzjBcwa1Ok dNifjFBx1grLd7CSSO40M38w2YQN0aaQSieWqg67GrcfOhSTskpwqJE1NEjg6l9XWF/Q r4rKX0PyeHAn+LKbUpd96WCbp6SzYHG3vfm+BYuxbcm1Cv0+h0fU08OQMFe2GtQiwVyc Bt+G3z+02cjP+Cobuj6GLGBqxqnYtPsI0J6ilyyO2v81Yo6NgKy2A8oAO0NfGl1+/9aJ J6IPrkqkxHDsCJZUa87bgLpKmBdNN/m3fToKnshRPNW6eP2Lvq7vwCD+ACVlZH3BmUW+ 8aWg== X-Gm-Message-State: AKS2vOxKZrHsr1R7LLNp8gtwjEI6OIcJgGK8nyRGcSPgjbWDPNsosDj7 frRPTlHqLRREPfes X-Received: by 10.99.117.89 with SMTP id f25mr10289455pgn.5.1497915415099; Mon, 19 Jun 2017 16:36:55 -0700 (PDT) From: Kees Cook To: kernel-hardening@lists.openwall.com Cc: Kees Cook , David Windsor , linux-mm@kvack.org, linux-kernel@vger.kernel.org Date: Mon, 19 Jun 2017 16:36:26 -0700 Message-Id: <1497915397-93805-13-git-send-email-keescook@chromium.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1497915397-93805-1-git-send-email-keescook@chromium.org> References: <1497915397-93805-1-git-send-email-keescook@chromium.org> Subject: [kernel-hardening] [PATCH 12/23] orangefs: define usercopy region in orangefs_inode_cache slab cache X-Virus-Scanned: ClamAV using ClamSMTP From: David Windsor The orangefs symlink pathnames, stored in struct orangefs_inode_s.link_target and therefore contained in the orangefs_inode_cache, need to be copied to/from userspace. In support of usercopy hardening, this patch defines a region in the orangefs_inode_cache slab cache in which userspace copy operations are allowed. This region is known as the slab cache's usercopy region. Slab caches can now check that each copy operation involving cache-managed memory falls entirely within the slab's usercopy region. This patch is modified from Brad Spengler/PaX Team's PAX_USERCOPY whitelisting code in the last public patch of grsecurity/PaX based on my understanding of the code. Changes or omissions from the original code are mine and don't reflect the original grsecurity/PaX code. Signed-off-by: David Windsor [kees: adjust commit log] Signed-off-by: Kees Cook --- fs/orangefs/super.c | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/fs/orangefs/super.c b/fs/orangefs/super.c index 5c7c273e17ec..0dddfc264aca 100644 --- a/fs/orangefs/super.c +++ b/fs/orangefs/super.c @@ -613,11 +613,16 @@ void orangefs_kill_sb(struct super_block *sb) int orangefs_inode_cache_initialize(void) { - orangefs_inode_cache = kmem_cache_create("orangefs_inode_cache", - sizeof(struct orangefs_inode_s), - 0, - ORANGEFS_CACHE_CREATE_FLAGS, - orangefs_inode_cache_ctor); + orangefs_inode_cache = kmem_cache_create_usercopy( + "orangefs_inode_cache", + sizeof(struct orangefs_inode_s), + 0, + ORANGEFS_CACHE_CREATE_FLAGS, + offsetof(struct orangefs_inode_s, + link_target), + sizeof_field(struct orangefs_inode_s, + link_target), + orangefs_inode_cache_ctor); if (!orangefs_inode_cache) { gossip_err("Cannot create orangefs_inode_cache\n");