From: riel@surriel.com (Rik van Riel)
To: kernelnewbies@lists.kernelnewbies.org
Subject: How to change page permission from inside the kernel?
Date: Fri, 06 Jul 2018 22:13:02 -0400
Message-ID: <1530929582.5350.28.camel@surriel.com>
In-Reply-To: <CAAGnT3YTAfNr5mkVPR1OPHot+ByGy12njihtC6Tco7ee6AUh0Q@mail.gmail.com>

On Fri, 2018-07-06 at 21:29 +0200, Ahmed Soliman wrote:
> > 2) And why from inside the kernel?
>
> Because this needs to be done from inside KVM.
>
> Note: I am aware that this won't be effective against rootkits that
> live in userspace, rootkits that target kernel dynamic data, files on
> disk, as well as VMM escapes, but I believe if the attack surface is
> reduced by just a little bit, it is not that bad, so please let's not
> discuss that :P.

It sounds like the only permission you care about is
the permission of the _guest_ writing to that memory,
not the permission of the qemu-kvm userspace program
writing to that memory.

You may be looking at the wrong page mapping to
manipulate.

--
All Rights Reversed.