lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <75180d8c-235d-cdfa-2dff-01e0b8a24691@linaro.org>
Date:   Mon, 19 Sep 2022 07:53:52 -0700
From:   Tadeusz Struk <tadeusz.struk@...aro.org>
To:     Dmitry Vyukov <dvyukov@...gle.com>
Cc:     gregkh@...uxfoundation.org, linux-kernel@...r.kernel.org,
        linux-usb@...r.kernel.org, stable@...r.kernel.org
Subject: Re: [PATCH] usb: mon: make mmapped memory read only

Hi Dmitry,
On 9/18/22 21:25, Dmitry Vyukov wrote:
> Hi Tadeusz,
> 
> Looking at places like these:
> https://elixir.bootlin.com/linux/v6.0-rc5/source/drivers/infiniband/hw/qib/qib_file_ops.c#L736
> https://elixir.bootlin.com/linux/v6.0-rc5/source/drivers/infiniband/hw/mlx5/main.c#L2088
> I think we also need to remove VM_MAYWRITE, otherwise it's still
> possible to turn it into a writable mapping with mprotect.
> 
> It's also probably better to return an error if VM_WRITE (or VM_EXEC?) is set
> rather than silently fix it up.

Yes, I think that returning an error will make more sense here.
I don't think we need to worry about VM_EXEC. Even if userspace will try to execute
from the mmaped location it won't work. It will probably crash the application without
causing any harm to the kernel.
I will update the patch and send a v2 soon.

-- 
Thanks,
Tadeusz

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ