iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
722,191 Commits 104 Branches 1,843 Tags
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
David Windsor 6a9b88204c vfs: Define usercopy region in names_cache slab caches 
VFS pathnames are stored in the names_cache slab cache, either inline
or across an entire allocation entry (when approaching PATH_MAX). These
are copied to/from userspace, so they must be entirely whitelisted.

cache object allocation:
    include/linux/fs.h:
        #define __getname()    kmem_cache_alloc(names_cachep, GFP_KERNEL)

example usage trace:
    strncpy_from_user+0x4d/0x170
    getname_flags+0x6f/0x1f0
    user_path_at_empty+0x23/0x40
    do_mount+0x69/0xda0
    SyS_mount+0x83/0xd0

    fs/namei.c:
        getname_flags(...):
            ...
            result = __getname();
            ...
            kname = (char *)result->iname;
            result->name = kname;
            len = strncpy_from_user(kname, filename, EMBEDDED_NAME_MAX);
            ...
            if (unlikely(len == EMBEDDED_NAME_MAX)) {
                const size_t size = offsetof(struct filename, iname[1]);
                kname = (char *)result;

                result = kzalloc(size, GFP_KERNEL);
                ...
                result->name = kname;
                len = strncpy_from_user(kname, filename, PATH_MAX);

In support of usercopy hardening, this patch defines the entire cache
object in the names_cache slab cache as whitelisted, since it may entirely
hold name strings to be copied to/from userspace.

This patch is verbatim from Brad Spengler/PaX Team's PAX_USERCOPY
whitelisting code in the last public patch of grsecurity/PaX based on my
understanding of the code. Changes or omissions from the original code are
mine and don't reflect the original grsecurity/PaX code.

Signed-off-by: David Windsor <dave@nullcore.net>
[kees: adjust commit log, add usage trace]
Cc: Alexander Viro <viro@zeniv.linux.org.uk>
Cc: linux-fsdevel@vger.kernel.org
Signed-off-by: Kees Cook <keescook@chromium.org>
2018-01-15 12:07:50 -08:00
arch
Merge branch 'fixes' of git://git.armlinux.org.uk/~rmk/linux-arm
2017-12-03 10:51:08 -05:00
block
Merge branch 'for-linus' of git://git.kernel.dk/linux-block
2017-12-01 08:05:45 -05:00
certs
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
crypto
Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
2017-11-28 16:22:10 -08:00
Documentation
hwmon fixes for v4.15-rc2
2017-12-03 10:46:16 -05:00
drivers
lkdtm/usercopy: Adjust test to include an offset to check reporting
2018-01-15 12:07:46 -08:00
firmware
kbuild: remove all dummy assignments to obj-
2017-11-18 11:46:06 +09:00
fs
vfs: Define usercopy region in names_cache slab caches
2018-01-15 12:07:50 -08:00
include
usercopy: Allow strict enforcement of whitelists
2018-01-15 12:07:48 -08:00
init
EXPERT Kconfig menu: fix broken EXPERT menu
2017-11-17 16:10:05 -08:00
ipc
Rename superblock flags (MS_xyz -> SB_xyz)
2017-11-27 13:05:09 -08:00
kernel
Merge branch 'for-linus' of git://git.kernel.dk/linux-block
2017-12-01 08:05:45 -05:00
lib
RISC-V Cleanups and ABI Fixes for 4.15-rc2
2017-12-01 19:39:12 -05:00
mm
usercopy: Mark kmalloc caches as usercopy caches
2018-01-15 12:07:49 -08:00
net
NFS client fixes for Linux 4.15-rc2
2017-12-01 20:04:20 -05:00
samples
kbuild: remove all dummy assignments to obj-
2017-11-18 11:46:06 +09:00
scripts
Merge branch 'akpm' (patches from Andrew)
2017-11-29 19:12:44 -08:00
security
usercopy: Allow strict enforcement of whitelists
2018-01-15 12:07:48 -08:00
sound
Revert "ALSA: usb-audio: Fix potential zero-division at parsing FU"
2017-11-28 09:34:36 -08:00
tools
usercopy: Enhance and rename report_usercopy()
2018-01-15 12:07:44 -08:00
usr
initramfs: fix initramfs rebuilds w/ compression after disabling
2017-11-03 07:39:19 -07:00
virt
* x86 bugfixes: APIC, nested virtualization, IOAPIC
2017-11-30 08:15:19 -08:00
.cocciconfig
scripts: add Linux .cocciconfig for coccinelle
2016-07-22 12:13:39 +02:00
.get_maintainer.ignore
.gitattributes
.gitattributes: set git diff driver for C source code files
2016-10-07 18:46:30 -07:00
.gitignore
Kbuild misc updates for v4.15
2017-11-17 17:51:33 -08:00
.mailmap
Add Jason Gunthorpe as co-maintainer of the RDMA stack
2017-11-17 09:36:18 -08:00
COPYING
CREDITS
MAINTAINERS: update TPM driver infrastructure changes
2017-11-09 17:58:40 -08:00
Kbuild
Kbuild updates for v4.15
2017-11-17 17:45:29 -08:00
Kconfig
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
MAINTAINERS
hwmon fixes for v4.15-rc2
2017-12-03 10:46:16 -05:00
Makefile
Linux 4.15-rc2
2017-12-03 11:01:47 -05:00
README
README: add a new README file, pointing to the Documentation/
2016-10-24 08:12:35 -02:00

README 

Linux kernel
============

This file was moved to Documentation/admin-guide/README.rst

Please notice that there are several guides for kernel developers and users.
These guides can be rendered in a number of formats, like HTML and PDF.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.
See Documentation/00-INDEX for a list of what is contained in each file.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.
Description
No description provided
Readme 5.7 GiB
Languages
C 97.6%
Assembly 1%
Shell 0.5%
Python 0.3%
Makefile 0.3%