Subject: Re: [RFC 3/4] x86/signal/64: Re-add support for SS in the 64-bit signal context
From: Stas Sergeev
To: Ingo Molnar
Cc: Andy Lutomirski, x86@kernel.org, linux-kernel@vger.kernel.org, Brian Gerst, Denys Vlasenko, Linus Torvalds, Borislav Petkov, Cyrill Gorcunov, Pavel Emelyanov
Date: Wed, 14 Oct 2015 18:09:27 +0300
Message-ID: <561E7027.3070106@list.ru>
In-Reply-To: <20151014150155.GA21330@gmail.com>

14.10.2015 18:01, Ingo Molnar wrote:
>
> * Stas Sergeev wrote:
>
>> On an off-topic: there was recently a patch from you that
>> disables vm86() by mmap_min_addr. I've found that dosemu, when
>> started as root, could override mmap_min_addr. I guess this will
>> no longer work, right? Not a big regression, just something to
>> know and document.
>
> So I think it should still work, because we check for mmap_min_addr in the system
> call itself:
>
> static long do_sys_vm86(struct vm86plus_struct __user *user_vm86, bool plus)
> {
> 	...
> 	err = security_mmap_addr(0);
> 	if (err) {
> 		/*
>
> So if dosemu first tweaks mmap_min_addr, the syscall should succeed.

No, it doesn't tweak it. It just seems that root is allowed to do mmap(0, MAP_FIXED) _regardless_ of mmap_min_addr. But it would be crazy to run vm86() as root to also bypass the check (dosemu drops privs earlier), so I guess this trick will stop working.
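The behaviour discussed in this message, as an added example that is not part of the original mail and is not kernel or dosemu code: a small C probe that reads `mmap_min_addr` and the process's effective capabilities, predicts whether a mapping at address 0 is allowed, and compares that with an actual `mmap(0, MAP_FIXED)`. It assumes the rule documented in capabilities(7), that `CAP_SYS_RAWIO` permits mappings below `mmap_min_addr`; the helper names are hypothetical, and an LSM such as SELinux can still deny the mapping separately.

```c
#define _GNU_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>

#define CAP_SYS_RAWIO_BIT 17 /* CAP_SYS_RAWIO, per capabilities(7) */

/* Hypothetical helper: capability-side rule for a mapping at addr. */
int low_map_allowed(unsigned long addr, unsigned long min_addr,
                    unsigned long long cap_eff)
{
    if (addr >= min_addr)
        return 1; /* not a low mapping, no capability needed */
    return (int)((cap_eff >> CAP_SYS_RAWIO_BIT) & 1);
}

/* Hypothetical helper: read the CapEff mask from /proc/<pid>/status text. */
int parse_cap_eff(const char *status, unsigned long long *out)
{
    for (const char *p = status; (p = strstr(p, "CapEff:")); p += 7) {
        char *end;
        if (p != status && p[-1] != '\n') continue; /* line start only */
        *out = strtoull(p + 7, &end, 16);
        return end == p + 7 ? -1 : 0;
    }
    return -1;
}

int main(void)
{
    unsigned long min_addr = 0;
    unsigned long long caps = 0;
    char buf[8192] = "";
    FILE *f = fopen("/proc/sys/vm/mmap_min_addr", "r");
    if (!f || fscanf(f, "%lu", &min_addr) != 1) return perror("mmap_min_addr"), 1;
    fclose(f);
    if (!(f = fopen("/proc/self/status", "r"))) return perror("status"), 1;
    buf[fread(buf, 1, sizeof buf - 1, f)] = '\0';
    fclose(f);
    if (parse_cap_eff(buf, &caps)) return fprintf(stderr, "no CapEff line\n"), 1;
    /* PROT_NONE: only tests whether page 0 may be mapped at all. */
    void *p = mmap(NULL, 4096, PROT_NONE,
                   MAP_PRIVATE | MAP_ANONYMOUS | MAP_FIXED, -1, 0);
    printf("mmap_min_addr=%lu CapEff=%#llx predicted=%d actual=%d\n",
           min_addr, caps, low_map_allowed(0, min_addr, caps), p != MAP_FAILED);
    if (p != MAP_FAILED) munmap(p, 4096);
    return 0;
}
```

Run once as an unprivileged user and once as root: with a non-zero `mmap_min_addr`, the first run should report a failed mapping and the second a successful one, unless an LSM intervenes.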