From 55c5aa49a11c7091949be160448669d139d026f4 Mon Sep 17 00:00:00 2001 From: Richard Yao Date: Sat, 4 Oct 2014 13:05:55 -0400 Subject: [PATCH] Implement KM_USER for CONFIG_PAX_USERCOPY_SLABS support Signed-off-by: Richard Yao --- include/sys/kmem.h | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/include/sys/kmem.h b/include/sys/kmem.h index 18c47cab..77a3a964 100644 --- a/include/sys/kmem.h +++ b/include/sys/kmem.h @@ -45,6 +45,23 @@ #define KM_NOSLEEP 0x0001 /* cannot block for memory; may fail */ #define KM_PUSHPAGE 0x0004 /* can block for memory; may use reserve */ #define KM_ZERO 0x1000 /* zero the allocation */ +#define KM_USER 0x2000 /* Allow copies to/from userland */ + +/* + * GrSecurity introduced a security feature in their patchset for the Linux + * 3.14 kernel where copies to/from user must occur to regions of memory that + * have been properly marked with SLAB_USERCOPY. We extend the kernel memory + * allocation flag syntax to add KM_USER so that the zio data buffers can be + * properly marked. + */ +#ifdef CONFIG_PAX_USERCOPY_SLABS +# ifndef SLAB_USERCOPY +# error "CONFIG_PAX_USERCOPY_SLABS defined, but SLAB_USERCOPY missing" +# endif +#else +# undef KM_USER +# define KM_USER 0x0000 +#endif /* XXX: Modify the code to stop using these */ #define KM_NODEBUG 0x0 @@ -73,6 +90,9 @@ kmem_flags_convert(int flags) if (flags & KM_ZERO) lflags |= __GFP_ZERO; + if (flags & KM_USER) + lflags |= GFP_USERCOPY; + return lflags; }