lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20200527142143.GC1194141@xz-x1>
Date:   Wed, 27 May 2020 10:21:43 -0400
From:   Peter Xu <peterx@...hat.com>
To:     Xiaoming Ni <nixiaoming@...wei.com>
Cc:     aarcange@...hat.com, akpm@...ux-foundation.org, cracauer@...s.org,
        dplotnikov@...tuozzo.com, gokhale2@...l.gov, hannes@...xchg.org,
        hughd@...gle.com, jglisse@...hat.com, kirill@...temov.name,
        linux-kernel@...r.kernel.org, linux-mm@...ck.org,
        maxime.coquelin@...hat.com, mcfadden8@...l.gov, mcgrof@...nel.org,
        mgorman@...e.de, mike.kravetz@...cle.com, pbonzini@...hat.com,
        rppt@...ux.vnet.ibm.com, xemul@...tuozzo.com, keescook@...omium.org
Subject: Re: [PATCH v2 1/1] userfaultfd/sysctl: add
 vm.unprivileged_userfaultfd

On Wed, May 27, 2020 at 02:54:13PM +0800, Xiaoming Ni wrote:
> 
> On Tue, Mar 19, 2019 at 11:07:22AM +0800, Peter Xu wrote:
> > Add a global sysctl knob "vm.unprivileged_userfaultfd" to control
> > whether userfaultfd is allowed by unprivileged users.  When this is
> > set to zero, only privileged users (root user, or users with the
> > CAP_SYS_PTRACE capability) will be able to use the userfaultfd
> > syscalls.
> 
> Hello

Hi, Xiaoming,

> I am a bit confused about this patch, can you help to answer it.
> 
> Why the sysctl interface of fs/userfaultfd.c belongs to vm_table instead of
> fs_table ?
> 
> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cefdca0a86be517bc390fc4541e3674b8e7803b0

Because I think it makes more sense to put the new key into where it suites
better, irrelevant to which directory the variable is declared.  To me,
unprivileged_userfaultfd is definitely more suitable for vm rather than fs,
because userfaultfd is really about memory management rather than file system.

Thanks,

-- 
Peter Xu

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ