From: Kees Cook
Date: Sun, 27 May 2018 07:41:34 -0700
Subject: Re: [PATCH] proc: prevent a task from writing on its own /proc/*/mem
To: Linus Torvalds
Cc: Salvatore Mesoraca, Jann Horn, Kernel Hardening, LSM List, Linux Kernel Mailing List, linux-mm, Andrew Morton, Alexey Dobriyan, Akinobu Mita, Dmitry Vyukov, Arnd Bergmann, Davidlohr Bueso
References: <1527346246-1334-1-git-send-email-s.mesoraca16@gmail.com>
X-Mailing-List: linux-kernel@vger.kernel.org

On Sat, May 26, 2018 at 6:33 PM, Linus Torvalds wrote:
> Thus commit f511c0b17b08 "Yes, people use FOLL_FORCE ;)"
>
> Side note, that very same commit f511c0b17b08 is also the explanation for
> why the patch under discussion now seems broken.
>
> People really do use "write to /proc/self/mem" as a way to keep the
> mappings read-only, but have a way to change them when required.

Ah! Yes, that is the commit I was trying to find. Thanks!

-Kees

--
Kees Cook
Pixel Security
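
The usage described in the quoted text, as an added example that is not code from the thread or from the patch: a page stays mapped PROT_READ and is updated through /proc/self/mem, which is the pattern a self-write ban would break. The function names and the "before"/"after" contents are constructed for illustration.

```c
#define _GNU_SOURCE
#define _FILE_OFFSET_BITS 64
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Permission field (e.g. "r--p") of the mapping holding addr; 0 if found. */
static int mapping_perms(const void *addr, char perms[5])
{
    unsigned long lo, hi, a = (unsigned long)addr;
    char line[512];
    int rc = -1;
    FILE *f = fopen("/proc/self/maps", "r");

    while (f && rc && fgets(line, sizeof line, f))
        if (sscanf(line, "%lx-%lx %4s", &lo, &hi, perms) == 3 && a >= lo && a < hi)
            rc = 0;
    if (f) fclose(f);
    return rc;
}

/* Constructed demo. Returns 1 when the write through /proc/self/mem landed and
 * the mapping is still read-only, 0 when the kernel or a sandbox refused the
 * open or the write, -1 on a setup failure or an inconsistent result. */
int patch_readonly_page(void)
{
    long pagesz = sysconf(_SC_PAGESIZE);
    char perms[5] = "";
    char *page = mmap(NULL, pagesz, PROT_READ | PROT_WRITE,
                      MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (page == MAP_FAILED)
        return -1;
    strcpy(page, "before");
    if (mprotect(page, pagesz, PROT_READ) != 0) /* plain stores now fault */
        return -1;
    int fd = open("/proc/self/mem", O_RDWR);
    if (fd < 0)
        return 0;
    /* File offset == virtual address; the kernel performs this write with
     * FOLL_FORCE, so it succeeds although the page is mapped PROT_READ. */
    ssize_t n = pwrite(fd, "after", 6, (off_t)(unsigned long)page);
    close(fd);
    if (n != 6)
        return 0;
    if (mapping_perms(page, perms) != 0 || strcmp(perms, "r--p") != 0)
        return -1;
    return strcmp(page, "after") == 0 ? 1 : -1;
}

int main(void) { printf("result: %d\n", patch_readonly_page()); return 0; }
```

A return value of 0 is what such a program would see on a kernel that rejects the self-write.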