From: Pavel Machek <pavel@ucw.cz>
To: Florian Weimer <fweimer@redhat.com>
Cc: Yury Norov <ynorov@caviumnetworks.com>,
libc-alpha@sourceware.org, linux-arch@vger.kernel.org,
linux-kernel@vger.kernel.org,
Catalin Marinas <catalin.marinas@arm.com>,
szabolcs.nagy@arm.com, heiko.carstens@de.ibm.com,
cmetcalf@ezchip.com, philipp.tomsich@theobroma-systems.com,
joseph@codesourcery.com, zhouchengming1@huawei.com,
Prasun.Kapoor@caviumnetworks.com, agraf@suse.de,
geert@linux-m68k.org, kilobyte@angband.pl,
manuel.montezelo@gmail.com, arnd@arndb.de, pinskia@gmail.com,
linyongting@huawei.com, klimov.linux@gmail.com,
broonie@kernel.org, bamvor.zhangjian@huawei.com,
linux-arm-kernel@lists.infradead.org, maxim.kuvyrkov@linaro.org,
Nathan_Lynch@mentor.com, schwidefsky@de.ibm.com,
davem@davemloft.net, christoph.muellner@theobroma-systems.com
Subject: Re: [Question] New mmap64 syscall?
Date: Thu, 12 Jan 2017 22:51:28 +0100 [thread overview]
Message-ID: <20170112215128.GA14063@amd> (raw)
In-Reply-To: <59af3a6f-f30c-46a5-2d0b-6a7e36668e6b@redhat.com>
[-- Attachment #1: Type: text/plain, Size: 750 bytes --]
On Thu 2017-01-12 17:13:25, Florian Weimer wrote:
> On 01/03/2017 09:54 PM, Pavel Machek wrote:
> >...actually, with strace and batched interface, it will be impossible
> >to see what is going on because of races. So I'm not sure if I like
> >the batched interface at all...
>
> I'm not sure if I understand this problem.
>
> ioctl, fcntl, most socket system calls, even open all have this problem as
> well, right?
Yes, ioctl() and similar are problematic. Still it is possible to
implement secure sandbox using ptrace. Dealing with indirect mmap()
would difficult AFAICT.
Pavel
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 181 bytes --]
WARNING: multiple messages have this Message-ID (diff)
From: pavel@ucw.cz (Pavel Machek)
To: linux-arm-kernel@lists.infradead.org
Subject: [Question] New mmap64 syscall?
Date: Thu, 12 Jan 2017 22:51:28 +0100 [thread overview]
Message-ID: <20170112215128.GA14063@amd> (raw)
In-Reply-To: <59af3a6f-f30c-46a5-2d0b-6a7e36668e6b@redhat.com>
On Thu 2017-01-12 17:13:25, Florian Weimer wrote:
> On 01/03/2017 09:54 PM, Pavel Machek wrote:
> >...actually, with strace and batched interface, it will be impossible
> >to see what is going on because of races. So I'm not sure if I like
> >the batched interface at all...
>
> I'm not sure if I understand this problem.
>
> ioctl, fcntl, most socket system calls, even open all have this problem as
> well, right?
Yes, ioctl() and similar are problematic. Still it is possible to
implement secure sandbox using ptrace. Dealing with indirect mmap()
would difficult AFAICT.
Pavel
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: Digital signature
URL: <http://lists.infradead.org/pipermail/linux-arm-kernel/attachments/20170112/d730fd12/attachment-0001.sig>
next prev parent reply other threads:[~2017-01-12 21:51 UTC|newest]
Thread overview: 88+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-12-06 18:54 [Question] New mmap64 syscall? Yury Norov
2016-12-06 18:54 ` Yury Norov
2016-12-06 18:54 ` Yury Norov
2016-12-06 21:20 ` Arnd Bergmann
2016-12-06 21:20 ` Arnd Bergmann
2016-12-07 10:34 ` Yury Norov
2016-12-07 10:34 ` Yury Norov
2016-12-07 10:34 ` Yury Norov
2016-12-07 10:34 ` Yury Norov
2016-12-07 11:07 ` Dr. Philipp Tomsich
2016-12-07 11:07 ` Dr. Philipp Tomsich
2016-12-07 12:39 ` Yury Norov
2016-12-07 12:39 ` Yury Norov
2016-12-07 16:32 ` Catalin Marinas
2016-12-07 16:32 ` Catalin Marinas
2016-12-07 16:32 ` Catalin Marinas
2016-12-07 16:43 ` Dr. Philipp Tomsich
2016-12-07 16:43 ` Dr. Philipp Tomsich
2016-12-07 16:43 ` Dr. Philipp Tomsich
2016-12-07 21:30 ` Arnd Bergmann
2016-12-07 21:30 ` Arnd Bergmann
2016-12-07 21:30 ` Arnd Bergmann
2016-12-10 9:10 ` Pavel Machek
2016-12-10 9:10 ` Pavel Machek
2016-12-10 9:10 ` Pavel Machek
2016-12-10 9:21 ` Pavel Machek
2016-12-10 9:21 ` Pavel Machek
2016-12-10 9:21 ` Pavel Machek
2016-12-11 12:56 ` Yury Norov
2016-12-11 12:56 ` Yury Norov
2016-12-11 12:56 ` Yury Norov
2016-12-11 12:56 ` Yury Norov
2016-12-11 12:56 ` [PATCH 1/3] mm: move argument checkers of mmap_pgoff() to separated routine Yury Norov
2016-12-11 12:56 ` Yury Norov
2016-12-11 12:56 ` Yury Norov
2016-12-11 12:56 ` Yury Norov
2016-12-11 12:56 ` [PATCH 2/3] sys_mmap64() Yury Norov
2016-12-11 12:56 ` Yury Norov
2016-12-11 12:56 ` Yury Norov
2016-12-11 12:56 ` Yury Norov
2016-12-11 14:48 ` kbuild test robot
2016-12-11 14:48 ` kbuild test robot
2016-12-11 14:48 ` kbuild test robot
2016-12-11 14:48 ` kbuild test robot
2016-12-11 14:56 ` kbuild test robot
2016-12-11 14:56 ` kbuild test robot
2016-12-11 14:56 ` kbuild test robot
2016-12-11 14:56 ` kbuild test robot
2016-12-11 12:56 ` [PATCH 3/3] mm: make pagoff_t type 64-bit Yury Norov
2016-12-11 12:56 ` Yury Norov
2016-12-11 12:56 ` Yury Norov
2016-12-11 12:56 ` Yury Norov
2016-12-11 13:31 ` kbuild test robot
2016-12-11 13:31 ` kbuild test robot
2016-12-11 13:31 ` kbuild test robot
2016-12-11 13:31 ` kbuild test robot
2016-12-11 13:41 ` kbuild test robot
2016-12-11 13:41 ` kbuild test robot
2016-12-11 13:41 ` kbuild test robot
2016-12-11 13:41 ` kbuild test robot
2016-12-11 14:59 ` Arnd Bergmann
2016-12-11 14:59 ` Arnd Bergmann
2016-12-11 14:59 ` Arnd Bergmann
2016-12-16 10:55 ` Yury Norov
2016-12-16 10:55 ` Yury Norov
2016-12-16 10:55 ` Yury Norov
2016-12-16 10:55 ` Yury Norov
2016-12-16 11:02 ` Arnd Bergmann
2016-12-16 11:02 ` Arnd Bergmann
2016-12-16 11:02 ` Arnd Bergmann
2016-12-18 9:23 ` Christoph Hellwig
2016-12-18 9:23 ` Christoph Hellwig
2016-12-18 9:23 ` Christoph Hellwig
2016-12-07 13:23 ` [Question] New mmap64 syscall? Florian Weimer
2016-12-07 13:23 ` Florian Weimer
2016-12-07 15:48 ` Yury Norov
2016-12-07 15:48 ` Yury Norov
2016-12-07 15:48 ` Yury Norov
2016-12-07 15:48 ` Yury Norov
2016-12-08 15:47 ` Florian Weimer
2016-12-08 15:47 ` Florian Weimer
2017-01-03 20:54 ` Pavel Machek
2017-01-03 20:54 ` Pavel Machek
2017-01-03 20:54 ` Pavel Machek
2017-01-12 16:13 ` Florian Weimer
2017-01-12 16:13 ` Florian Weimer
2017-01-12 21:51 ` Pavel Machek [this message]
2017-01-12 21:51 ` Pavel Machek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170112215128.GA14063@amd \
--to=pavel@ucw.cz \
--cc=Nathan_Lynch@mentor.com \
--cc=Prasun.Kapoor@caviumnetworks.com \
--cc=agraf@suse.de \
--cc=arnd@arndb.de \
--cc=bamvor.zhangjian@huawei.com \
--cc=broonie@kernel.org \
--cc=catalin.marinas@arm.com \
--cc=christoph.muellner@theobroma-systems.com \
--cc=cmetcalf@ezchip.com \
--cc=davem@davemloft.net \
--cc=fweimer@redhat.com \
--cc=geert@linux-m68k.org \
--cc=heiko.carstens@de.ibm.com \
--cc=joseph@codesourcery.com \
--cc=kilobyte@angband.pl \
--cc=klimov.linux@gmail.com \
--cc=libc-alpha@sourceware.org \
--cc=linux-arch@vger.kernel.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linyongting@huawei.com \
--cc=manuel.montezelo@gmail.com \
--cc=maxim.kuvyrkov@linaro.org \
--cc=philipp.tomsich@theobroma-systems.com \
--cc=pinskia@gmail.com \
--cc=schwidefsky@de.ibm.com \
--cc=szabolcs.nagy@arm.com \
--cc=ynorov@caviumnetworks.com \
--cc=zhouchengming1@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.