From: Dave Hansen <dave.hansen@intel.com>
To: "Eric W. Biederman" <ebiederm@xmission.com>,
Kees Cook <keescook@chromium.org>
Cc: Andrew Morton <akpm@linux-foundation.org>,
"Theodore Ts'o" <tytso@mit.edu>, Oleg Nesterov <oleg@redhat.com>,
LKML <linux-kernel@vger.kernel.org>,
Dave Hansen <dave.hansen@linux.intel.com>
Subject: Re: [RFC][PATCH 1/2] fs proc: make pagemap a privileged interface
Date: Mon, 09 Mar 2015 19:28:22 -0700 [thread overview]
Message-ID: <54FE56C6.7000902@intel.com> (raw)
In-Reply-To: <87h9ttrcpr.fsf@x220.int.ebiederm.org>
On 03/09/2015 04:08 PM, Eric W. Biederman wrote:
> If the concern is to protect against root getting into the kernel the
> "trusted_kernel" snake-oil just compile out the pagemap file. Nothing
> else is remotely interesting from a mainenance point of view.
The paper I linked to showed one example of how pagemap makes a
user->kernel exploint _easier_. Note that the authors had another way
of actually doing the exploit when pagemap was not available, but it
required some more trouble than if pagemap was around.
I mentioned the "trusted_kernel" stuff as an aside. It's really not the
main concern.
next prev parent reply other threads:[~2015-03-10 2:28 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20150309204321.AAF412E0@viggo.jf.intel.com>
2015-03-09 21:31 ` [RFC][PATCH 1/2] fs proc: make pagemap a privileged interface Kees Cook
[not found] ` <20150309204322.50DA6B5D@viggo.jf.intel.com>
2015-03-09 21:32 ` [RFC][PATCH 2/2] proc: config options for making privileged /proc the default Kees Cook
2015-03-09 22:13 ` [RFC][PATCH 1/2] fs proc: make pagemap a privileged interface Eric W. Biederman
2015-03-09 22:22 ` Kees Cook
2015-03-09 23:08 ` Eric W. Biederman
2015-03-09 23:40 ` Kees Cook
2015-03-09 23:43 ` Eric W. Biederman
2015-03-10 0:03 ` Kees Cook
2015-03-10 2:51 ` Dave Hansen
2015-03-10 4:49 ` Eric W. Biederman
2015-03-10 2:28 ` Dave Hansen [this message]
2015-03-12 22:35 ` Andrew Morton
2015-03-13 15:56 ` Dave Hansen
2015-03-13 17:16 ` Eric W. Biederman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=54FE56C6.7000902@intel.com \
--to=dave.hansen@intel.com \
--cc=akpm@linux-foundation.org \
--cc=dave.hansen@linux.intel.com \
--cc=ebiederm@xmission.com \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=oleg@redhat.com \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.