From: Avi Kivity <avi@redhat.com>
To: Christopher Yeoh <cyeoh@au1.ibm.com>
Cc: Bryan Donlan <bdonlan@gmail.com>,
linux-kernel@vger.kernel.org,
Linux Memory Management List <linux-mm@kvack.org>,
Ingo Molnar <mingo@elte.hu>
Subject: Re: [RFC][PATCH] Cross Memory Attach
Date: Tue, 02 Nov 2010 07:10:50 -0400 [thread overview]
Message-ID: <4CCFF1BA.1010206@redhat.com> (raw)
In-Reply-To: <20101102140710.5f2a6557@lilo>
On 11/01/2010 11:37 PM, Christopher Yeoh wrote:
> >
> > You could have each process open /proc/self/mem and pass the fd using
> > SCM_RIGHTS.
> >
> > That eliminates a race; with copy_to_process(), by the time the pid
> > is looked up it might designate a different process.
>
> Just to revive an old thread (I've been on holidays), but this doesn't
> work either. the ptrace check is done by mem_read (eg on each read) so
> even if you do pass the fd using SCM_RIGHTS, reads on the fd still
> fail.
>
> So unless there's good reason to believe that the ptrace permission
> check is no longer needed, the /proc/pid/mem interface doesn't seem to
> be an option for what we want to do.
>
Perhaps move the check to open(). I can understand the desire to avoid
letting random processes peek each other's memory, but once a process
has opened its own /proc/self/mem and explicitly passed it to another,
we should allow it.
--
I have a truly marvellous patch that fixes the bug which this
signature is too narrow to contain.
WARNING: multiple messages have this Message-ID (diff)
From: Avi Kivity <avi@redhat.com>
To: Christopher Yeoh <cyeoh@au1.ibm.com>
Cc: Bryan Donlan <bdonlan@gmail.com>,
linux-kernel@vger.kernel.org,
Linux Memory Management List <linux-mm@kvack.org>,
Ingo Molnar <mingo@elte.hu>
Subject: Re: [RFC][PATCH] Cross Memory Attach
Date: Tue, 02 Nov 2010 07:10:50 -0400 [thread overview]
Message-ID: <4CCFF1BA.1010206@redhat.com> (raw)
In-Reply-To: <20101102140710.5f2a6557@lilo>
On 11/01/2010 11:37 PM, Christopher Yeoh wrote:
> >
> > You could have each process open /proc/self/mem and pass the fd using
> > SCM_RIGHTS.
> >
> > That eliminates a race; with copy_to_process(), by the time the pid
> > is looked up it might designate a different process.
>
> Just to revive an old thread (I've been on holidays), but this doesn't
> work either. the ptrace check is done by mem_read (eg on each read) so
> even if you do pass the fd using SCM_RIGHTS, reads on the fd still
> fail.
>
> So unless there's good reason to believe that the ptrace permission
> check is no longer needed, the /proc/pid/mem interface doesn't seem to
> be an option for what we want to do.
>
Perhaps move the check to open(). I can understand the desire to avoid
letting random processes peek each other's memory, but once a process
has opened its own /proc/self/mem and explicitly passed it to another,
we should allow it.
--
I have a truly marvellous patch that fixes the bug which this
signature is too narrow to contain.
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Fight unfair telecom policy in Canada: sign http://dissolvethecrtc.ca/
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next prev parent reply other threads:[~2010-11-02 11:11 UTC|newest]
Thread overview: 62+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-09-15 1:18 [RFC][PATCH] Cross Memory Attach Christopher Yeoh
2010-09-15 8:02 ` Ingo Molnar
2010-09-15 8:02 ` Ingo Molnar
2010-09-15 8:16 ` Ingo Molnar
2010-09-15 8:16 ` Ingo Molnar
2010-09-15 13:23 ` Christopher Yeoh
2010-09-15 13:23 ` Christopher Yeoh
2010-09-15 13:20 ` Christopher Yeoh
2010-09-15 13:20 ` Christopher Yeoh
2010-09-15 10:58 ` Avi Kivity
2010-09-15 10:58 ` Avi Kivity
2010-09-15 13:51 ` Ingo Molnar
2010-09-15 13:51 ` Ingo Molnar
2010-09-15 16:10 ` Avi Kivity
2010-09-15 16:10 ` Avi Kivity
2010-09-15 14:42 ` Christopher Yeoh
2010-09-15 14:42 ` Christopher Yeoh
2010-09-15 14:52 ` Linus Torvalds
2010-09-15 14:52 ` Linus Torvalds
2010-09-15 15:44 ` Robin Holt
2010-09-15 15:44 ` Robin Holt
2010-09-16 6:32 ` Brice Goglin
2010-09-16 6:32 ` Brice Goglin
2010-09-16 9:15 ` Brice Goglin
2010-09-16 9:15 ` Brice Goglin
2010-09-16 14:00 ` Christopher Yeoh
2010-09-16 14:00 ` Christopher Yeoh
2010-09-15 14:46 ` Bryan Donlan
2010-09-15 14:46 ` Bryan Donlan
2010-09-15 16:13 ` Avi Kivity
2010-09-15 16:13 ` Avi Kivity
2010-09-15 19:35 ` Eric W. Biederman
2010-09-15 19:35 ` Eric W. Biederman
2010-09-16 1:18 ` Christopher Yeoh
2010-09-16 1:18 ` Christopher Yeoh
2010-09-16 9:26 ` Avi Kivity
2010-09-16 9:26 ` Avi Kivity
2010-11-02 3:37 ` Christopher Yeoh
2010-11-02 3:37 ` Christopher Yeoh
2010-11-02 11:10 ` Avi Kivity [this message]
2010-11-02 11:10 ` Avi Kivity
2010-09-16 1:58 ` KOSAKI Motohiro
2010-09-16 1:58 ` KOSAKI Motohiro
2010-09-16 8:08 ` Ingo Molnar
2010-09-16 8:08 ` Ingo Molnar
2010-09-15 15:11 ` Linus Torvalds
2010-09-15 15:14 ` Linus Torvalds
2010-09-16 2:25 ` Christopher Yeoh
2010-09-16 16:27 ` Peter Zijlstra
2010-09-16 16:54 ` Linus Torvalds
2010-09-16 17:13 ` Peter Zijlstra
2010-09-16 17:34 ` Linus Torvalds
2010-09-16 17:47 ` Peter Zijlstra
2010-09-16 17:54 ` Linus Torvalds
2010-09-16 18:00 ` Linus Torvalds
2010-09-19 4:44 ` Yuhong Bao
2010-09-19 19:20 ` Yuhong Bao
2010-09-19 21:48 ` Russell King - ARM Linux
2010-09-19 22:47 ` Yuhong Bao
2010-09-19 4:55 ` Yuhong Bao
2010-09-15 16:07 ` Valdis.Kletnieks
2010-09-16 2:17 ` Christopher Yeoh
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4CCFF1BA.1010206@redhat.com \
--to=avi@redhat.com \
--cc=bdonlan@gmail.com \
--cc=cyeoh@au1.ibm.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=mingo@elte.hu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.