lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20231016143828.647848-5-jeffxu@chromium.org>
Date: Mon, 16 Oct 2023 14:38:23 +0000
From: jeffxu@...omium.org
To: akpm@...ux-foundation.org,
	keescook@...omium.org,
	sroettger@...gle.com
Cc: jeffxu@...gle.com,
	jorgelo@...omium.org,
	groeck@...omium.org,
	linux-kernel@...r.kernel.org,
	linux-kselftest@...r.kernel.org,
	linux-mm@...ck.org,
	jannh@...gle.com,
	surenb@...gle.com,
	alex.sierra@....com,
	apopple@...dia.com,
	aneesh.kumar@...ux.ibm.com,
	axelrasmussen@...gle.com,
	ben@...adent.org.uk,
	catalin.marinas@....com,
	david@...hat.com,
	dwmw@...zon.co.uk,
	ying.huang@...el.com,
	hughd@...gle.com,
	joey.gouly@....com,
	corbet@....net,
	wangkefeng.wang@...wei.com,
	Liam.Howlett@...cle.com,
	torvalds@...ux-foundation.org,
	lstoakes@...il.com,
	willy@...radead.org,
	mawupeng1@...wei.com,
	linmiaohe@...wei.com,
	namit@...are.com,
	peterx@...hat.com,
	peterz@...radead.org,
	ryan.roberts@....com,
	shr@...kernel.io,
	vbabka@...e.cz,
	xiujianfeng@...wei.com,
	yu.ma@...el.com,
	zhangpeng362@...wei.com,
	dave.hansen@...el.com,
	luto@...nel.org,
	linux-hardening@...r.kernel.org
Subject: [RFC PATCH v1 4/8] mseal: seal mprotect

From: Jeff Xu <jeffxu@...gle.com>

check sealing for mprotect(2).

Signed-off-by: Jeff Xu <jeffxu@...gle.com>
---
 mm/mprotect.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/mm/mprotect.c b/mm/mprotect.c
index 130db91d3a8c..5b67c66d55f7 100644
--- a/mm/mprotect.c
+++ b/mm/mprotect.c
@@ -753,6 +753,12 @@ static int do_mprotect_pkey(unsigned long start, size_t len,
 		}
 	}
 
+	if (!can_modify_mm(current->mm, start, end, MM_ACTION_MPROTECT,
+			   ON_BEHALF_OF_USERSPACE)) {
+		error = -EACCES;
+		goto out;
+	}
+
 	prev = vma_prev(&vmi);
 	if (start > vma->vm_start)
 		prev = vma;
-- 
2.42.0.609.gbb76f46606-goog

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ