From mboxrd@z Thu Jan 1 00:00:00 1970 From: riel@surriel.com (Rik van Riel) Date: Fri, 06 Jul 2018 22:13:02 -0400 Subject: How to change page permission from inside the kernel? In-Reply-To: References: <107393.1530902545@turing-police.cc.vt.edu> Message-ID: <1530929582.5350.28.camel@surriel.com> To: kernelnewbies@lists.kernelnewbies.org List-Id: kernelnewbies.lists.kernelnewbies.org On Fri, 2018-07-06 at 21:29 +0200, Ahmed Soliman wrote: > > 2) And why from inside the kernel? > > Because this needs to be done from inside KVM. > > Note: I am aware that this won't be effective against rootkits that > live in userspace, rootkits that target kernel dynamic data, files on > disk, as well as VMM escapes, but I believe if the attack surface is > reduced by just a little bit, it is not that bad, so please lets not > discuss that :P. It sounds like the only permission you care about is the permission of the _guest_ writing to that memory, not the permission of the qemu-kvm userspace program writing to that memory. You may be looking at the wrong page mapping to manipulate. -- All Rights Reversed. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 488 bytes Desc: This is a digitally signed message part URL: