diff options
author | Paul Burton <paul.burton@imgtec.com> | 2016-10-08 22:47:14 +0100 |
---|---|---|
committer | Ralf Baechle <ralf@linux-mips.org> | 2016-10-10 15:28:53 +0200 |
commit | cabca8c098f00c91aeb59170e86e5c5fa4f494c2 (patch) | |
tree | 01ccf96a4a2ec7ac3f6ad234ea49355756791e39 | |
parent | 3f5f0a4475e13345326061f00c68f428232ba2bc (diff) |
MIPS: Enable hardened usercopy
Enable CONFIG_HARDENED_USERCOPY checks for MIPS, calling check_object
size in all of copy_{to,from}_user(), __copy_{to,from}_user() &
__copy_{to,from}_user_inatomic().
Signed-off-by: Paul Burton <paul.burton@imgtec.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: linux-mips@linux-mips.org
Patchwork: https://patchwork.linux-mips.org/patch/14371/
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
-rw-r--r-- | arch/mips/Kconfig | 1 | ||||
-rw-r--r-- | arch/mips/include/asm/uaccess.h | 18 |
2 files changed, 19 insertions, 0 deletions
diff --git a/arch/mips/Kconfig b/arch/mips/Kconfig index a7d9224c2a50..7f6da2c8023d 100644 --- a/arch/mips/Kconfig +++ b/arch/mips/Kconfig @@ -66,6 +66,7 @@ config MIPS select HANDLE_DOMAIN_IRQ select HAVE_EXIT_THREAD select HAVE_REGS_AND_STACK_ACCESS_API + select HAVE_ARCH_HARDENED_USERCOPY menu "Machine selection" diff --git a/arch/mips/include/asm/uaccess.h b/arch/mips/include/asm/uaccess.h index 21a2aaba20d5..c65707df61f4 100644 --- a/arch/mips/include/asm/uaccess.h +++ b/arch/mips/include/asm/uaccess.h @@ -858,7 +858,10 @@ extern size_t __copy_user(void *__to, const void *__from, size_t __n); __cu_to = (to); \ __cu_from = (from); \ __cu_len = (n); \ + \ + check_object_size(__cu_from, __cu_len, true); \ might_fault(); \ + \ if (eva_kernel_access()) \ __cu_len = __invoke_copy_to_kernel(__cu_to, __cu_from, \ __cu_len); \ @@ -879,6 +882,9 @@ extern size_t __copy_user_inatomic(void *__to, const void *__from, size_t __n); __cu_to = (to); \ __cu_from = (from); \ __cu_len = (n); \ + \ + check_object_size(__cu_from, __cu_len, true); \ + \ if (eva_kernel_access()) \ __cu_len = __invoke_copy_to_kernel(__cu_to, __cu_from, \ __cu_len); \ @@ -897,6 +903,9 @@ extern size_t __copy_user_inatomic(void *__to, const void *__from, size_t __n); __cu_to = (to); \ __cu_from = (from); \ __cu_len = (n); \ + \ + check_object_size(__cu_to, __cu_len, false); \ + \ if (eva_kernel_access()) \ __cu_len = __invoke_copy_from_kernel_inatomic(__cu_to, \ __cu_from,\ @@ -931,6 +940,9 @@ extern size_t __copy_user_inatomic(void *__to, const void *__from, size_t __n); __cu_to = (to); \ __cu_from = (from); \ __cu_len = (n); \ + \ + check_object_size(__cu_from, __cu_len, true); \ + \ if (eva_kernel_access()) { \ __cu_len = __invoke_copy_to_kernel(__cu_to, \ __cu_from, \ @@ -1123,6 +1135,9 @@ extern size_t __copy_in_user_eva(void *__to, const void *__from, size_t __n); __cu_to = (to); \ __cu_from = (from); \ __cu_len = (n); \ + \ + check_object_size(__cu_to, __cu_len, false); \ + \ if (eva_kernel_access()) { \ __cu_len = __invoke_copy_from_kernel(__cu_to, \ __cu_from, \ @@ -1161,6 +1176,9 @@ extern size_t __copy_in_user_eva(void *__to, const void *__from, size_t __n); __cu_to = (to); \ __cu_from = (from); \ __cu_len = (n); \ + \ + check_object_size(__cu_to, __cu_len, false); \ + \ if (eva_kernel_access()) { \ __cu_len = __invoke_copy_from_kernel(__cu_to, \ __cu_from, \ |