References: <1527346246-1334-1-git-send-email-s.mesoraca16@gmail.com>
From: Linus Torvalds
Date: Sat, 26 May 2018 18:33:23 -0700
Subject: Re: [PATCH] proc: prevent a task from writing on its own /proc/*/mem
To: Kees Cook
Cc: Salvatore Mesoraca, Jann Horn, Kernel Hardening, LSM List, Linux Kernel Mailing List, linux-mm, Andrew Morton, Alexey Dobriyan, Akinobu Mita, Dmitry Vyukov, Arnd Bergmann, Davidlohr Bueso
X-Mailing-List: linux-kernel@vger.kernel.org

On Sat, May 26, 2018 at 5:32 PM Kees Cook wrote:

> I went through some old threads from 2012 when e268337dfe26 was
> introduced, and later when things got looked at during DirtyCOW. There
> was discussion about removing FOLL_FORCE (in order to block writes on
> a read-only memory region).

Side note, we did that for /dev/mem, and things broke.

Thus commit f511c0b17b08 "Yes, people use FOLL_FORCE ;)"

Side note, that very same commit f511c0b17b08 is also the explanation for
why the patch under discussion now seems broken.

People really do use "write to /proc/self/mem" as a way to keep the
mappings read-only, but have a way to change them when required.

Linus
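
The usage pattern described in the message above, as an added example that is not part of the original mail or of any kernel code: a C probe that makes a page read-only, updates it through /proc/self/mem, and confirms via /proc/self/maps that the mapping is still read-only afterwards. It assumes Linux with /proc mounted; the function names `probe_self_mem_write` and `mapping_is_readonly` are made up here.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* 1 if the mapping containing addr is listed as "r--" in /proc/self/maps. */
static int mapping_is_readonly(const void *addr)
{
    unsigned long start, end, a = (unsigned long)addr;
    char line[512], perms[5];
    int ro = 0;
    FILE *f = fopen("/proc/self/maps", "r");

    if (!f)
        return 0;
    while (!ro && fgets(line, sizeof line, f))
        ro = sscanf(line, "%lx-%lx %4s", &start, &end, perms) == 3 &&
             start <= a && a < end && strncmp(perms, "r--", 3) == 0;
    fclose(f);
    return ro;
}

/* 1: write landed and the page is still read-only; 0: write refused or
 * /proc/self/mem unavailable; -1: could not set up the test page. */
int probe_self_mem_write(void)
{
    static const char patch[] = "patched";   /* constructed sample data */
    size_t pagesz = (size_t)sysconf(_SC_PAGESIZE);
    char *page = mmap(NULL, pagesz, PROT_READ | PROT_WRITE,
                      MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    int fd, result = 0;

    if (page == MAP_FAILED)
        return -1;
    strcpy(page, "initial");
    if (mprotect(page, pagesz, PROT_READ) != 0)
        result = -1;
    else if ((fd = open("/proc/self/mem", O_RDWR)) >= 0) {
        ssize_t n = pwrite(fd, patch, sizeof patch, (off_t)(unsigned long)page);
        close(fd);
        result = n == (ssize_t)sizeof patch && mapping_is_readonly(page) &&
                 memcmp(page, patch, sizeof patch) == 0;
    }
    munmap(page, pagesz);
    return result;
}

int main(void) { printf("probe: %d\n", probe_self_mem_write()); return 0; }
```

A result of 1 means the running kernel still honours forced writes through /proc/self/mem for the task's own read-only pages; 0 is what a kernel that refuses such writes would produce.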