lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <9f45c6d8-df97-6135-a771-d800e73b2fdc@zytor.com>
Date:   Tue, 20 Sep 2016 18:17:13 -0700
From:   "H. Peter Anvin" <hpa@...or.com>
To:     Andy Lutomirski <luto@...capital.net>
Cc:     Dmitry Safonov <0x7f454c46@...il.com>,
        Dmitry Safonov <dsafonov@...tuozzo.com>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        Ingo Molnar <mingo@...hat.com>,
        Thomas Gleixner <tglx@...utronix.de>, X86 ML <x86@...nel.org>,
        Oleg Nesterov <oleg@...hat.com>,
        Steven Rostedt <rostedt@...dmis.org>,
        Al Viro <viro@...iv.linux.org.uk>
Subject: Re: [RFC 0/3] Put vdso in ramfs-like filesystem (vdsofs)

On 09/20/16 18:07, H. Peter Anvin wrote:
> 
>>  - vvar is highly magical.  IMO letting it get mapped with VM_MAYWRITE
>> is asking for trouble, as anything that writes it will COW it, leading
>> to strange malfunctions.
>>

The vvar page obviously needs to be mapped MAP_SHARED, and the
underlying file needs to reject writes.  A solution where this area
doesn't end up MAP_SHARED is obviously defective.

As far as keeping the user from doing really stupid things... they can
map a RAM page over the vvar area and there is nothing the kernel really
can do to keep them from doing something like that without doing things
that are probably way worse than the disease.  At least it will be
obvious looking at the mapping file what is going on.

	-hpa

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ