[RFC PATCH] uprobes: copy to user-space xol page with proper cache flushing

Oleg Nesterov oleg at redhat.com
Tue Apr 15 11:46:07 PDT 2014


On 04/15, David Miller wrote:
>
> From: Oleg Nesterov <oleg at redhat.com>
> Date: Tue, 15 Apr 2014 20:07:00 +0200
>
> > On 04/15, David Miller wrote:
> >>
> >> From: Oleg Nesterov <oleg at redhat.com>
> >> Date: Tue, 15 Apr 2014 19:49:00 +0200
> >>
> >> > We do not want to write to, say, page cache if the probed application
> >> > mmaps a file at the same vaddr.
> >>
> >> If user has write access to that page... not our problem.
> >
> > Well, I am not sure.
> >
> > Yes, this won't allow you to write the exploit. But if this actually
> > happens because an application is buggy, this can lead to really
> > hard-to-debug problems.
>
> And this is different from a stray userland scribble onto such a page
> how?

Sure. But I think that the kernel should not write to the file just because
a buggy application did the extra munmap() or passed a wrong address to
mmap/munmap.

> This is all so much simpler if you don't insist on doing all of this
> hand-holding for the user, that's not the kernel's job.

Well, I do not agree, but perhaps because I do not really understand
what you mean.

Oleg.



