Received: by 2002:a89:d88:0:b0:1fa:5c73:8e2d with SMTP id eb8csp1984402lqb; Mon, 27 May 2024 04:21:54 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCW2wqBkQeWn91MNXKII+HyuuNxnl5aNJa/xTdxB99cI8oQuIt+LyNnnejI89LPPU0+vEvLP4ly9GpkDVQmm34/FT3Q1lTva6eAs113Phg== X-Google-Smtp-Source: AGHT+IEw4noN3jGZ4WsQXsrFkzU2MJvASPIsRYOzyImlxcFZFV0WbwthL3N82J7JHfSo48oYmHX0 X-Received: by 2002:a17:906:478c:b0:a59:cdc9:6fdf with SMTP id a640c23a62f3a-a62641c4376mr609084366b.4.1716808914239; Mon, 27 May 2024 04:21:54 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1716808914; cv=pass; d=google.com; s=arc-20160816; b=xVeMDAkwUpLtcOh2r0KQCwN4CFVhDB1qh27x27vkasBKfyHpn++MbwqBoO8Pgj5bvo lPn2iUWGxpE21dSsxtEFmYAR8eIdMNGOVtYw+zOCU0neqRgUwhdTuNrfyOgkK4RO+MO8 jAd776xgStcFV3wXaJfFf5CrlXH5EZkEXWRZSERRdmS/o3Qa84YRzDB0gJOA2jot4daR XjRsBL29evm+zoyCiewOABeasrTC0hsov3hZNrpovTSDCt0yaknXMhh5s3FdVG9UxTky wpDyhgWV7kalHjhts+PhxdWNFi1ETmrOKuvDt1VIw8BhLyDCbzmTJMg67PR/s9kE1jDN shDA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:user-agent:subject:message-id :mime-version:list-unsubscribe:list-subscribe:list-id:precedence:to :cc:date:references:in-reply-to:from; bh=n5Ntev79JrSadguvwtNtLhC99m4mvzOC+6CctBg5eyo=; fh=8QeVvgv2pooJhuoidMxeQSvCK/zZoBxiHkONmTRYvEs=; b=vzb8y5CYRhn0XdKfC7ByRT0SMhorLnry5Lu8Z6KKuqF7wf8bDQSy6s7cfPoyGfFuzt 83Kun7+KxYfxdTt6JkhtcBVRcOWULPfgoGZc8JUNbkxkpUbH4ohk5pIEh2zn4+JYNBqU MhNlBHOSRN4iKN27CP6ZPJe8YfcI7xEbk8InDGyRmr5TSP64voDU50Il1VBClNu5JwVp /nuHzlS7VbLpGxQTp90ux4Gk90Mn59a8ZnmPxbrQbYZz+L25OxcE3nmj+p5XDegamdo/ mXVEMRqWtOZrUVxhyH/1jdKNVT2Md9QbUmWvjJi6EyeDffyIMW7dcM4eCTdVseLfjnpz 9ieQ==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; arc=pass (i=1 spf=pass spfdomain=collabora.com dmarc=pass fromdomain=collabora.com); spf=pass (google.com: domain of linux-kernel+bounces-190477-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-190477-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=collabora.com Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [2604:1380:4601:e00::3]) by mx.google.com with ESMTPS id a640c23a62f3a-a626cc37808si364759766b.308.2024.05.27.04.21.54 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 27 May 2024 04:21:54 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-190477-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) client-ip=2604:1380:4601:e00::3; Authentication-Results: mx.google.com; arc=pass (i=1 spf=pass spfdomain=collabora.com dmarc=pass fromdomain=collabora.com); spf=pass (google.com: domain of linux-kernel+bounces-190477-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-190477-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=collabora.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id F1C641F22CCC for ; Mon, 27 May 2024 11:21:53 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 4876613C8E0; Mon, 27 May 2024 11:21:16 +0000 (UTC) Received: from madrid.collaboradmins.com (madrid.collaboradmins.com [46.235.227.194]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 13ED013C699; Mon, 27 May 2024 11:21:13 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=46.235.227.194 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1716808875; cv=none; b=dOZ647q54GHxpwtpfxCbN1YIwt5UiQ/ElOPuhXOeu/IU+JGPDyJ0XRqz7/MZZZL5GBPCySYZj55I16jaLwMTCfjxIvJnwyI3k97ldZkHhjOIVeoB+IddqAAOJmEe1pAMi8vFcBSVLK7IdWmTgrUiDV4pwqRKDYq5pH1DoueQobE= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1716808875; c=relaxed/simple; bh=VbfpEmXuaAG7nWKQNcVSqAIJl4e4QDZ7FZgYw5QlnDI=; h=From:In-Reply-To:Content-Type:References:Date:Cc:To:MIME-Version: Message-ID:Subject; b=jHO8EKY/oOJDYUfMGyctwtJdW9/JUJ2VWeVKAM/0JdT8YCdbC7T28rtmDAfes0ZhcEVp1pPNcDkeMohzm1PioQQoW+c30BrZKSNhkQ128/qtoNfMLf13Lu/ioOfCvlz4JU+Cyudwu0aq2xdKxfKbkoWUK1em6jh/bO44QdDJxik= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=collabora.com; spf=pass smtp.mailfrom=collabora.com; arc=none smtp.client-ip=46.235.227.194 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=collabora.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=collabora.com Received: from harlem.collaboradmins.com (harlem.collaboradmins.com [IPv6:2a01:4f8:1c0c:5936::1]) by madrid.collaboradmins.com (Postfix) with ESMTP id C9C2E378143B; Mon, 27 May 2024 11:21:10 +0000 (UTC) From: "Adrian Ratiu" In-Reply-To: <9ce0c222-c80c-4049-8746-d74e612c3030@infradead.org> Content-Type: text/plain; charset="utf-8" X-Forward: 127.0.0.1 References: <20240524192858.3206-1-adrian.ratiu@collabora.com> <20240524192858.3206-2-adrian.ratiu@collabora.com> <9ce0c222-c80c-4049-8746-d74e612c3030@infradead.org> Date: Mon, 27 May 2024 12:21:10 +0100 Cc: linux-fsdevel@vger.kernel.org, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, linux-doc@vger.kernel.org, kernel@collabora.com, gbiv@google.com, ryanbeltran@google.com, inglorion@google.com, ajordanr@google.com, jorgelo@chromium.org, "Guenter Roeck" , "Doug Anderson" , "Kees Cook" , "Jann Horn" , "Andrew Morton" , "Christian Brauner" , "Mike Frysinger" To: "Randy Dunlap" Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Message-ID: <1cc802-66546c80-1-65440180@177937837> Subject: =?utf-8?q?Re=3A?= [PATCH v4 2/2] =?utf-8?q?proc=3A?= restrict /proc/pid/mem User-Agent: SOGoMail 5.10.0 Content-Transfer-Encoding: quoted-printable On Saturday, May 25, 2024 08:49 EEST, Randy Dunlap wrote: > Hi-- >=20 > On 5/24/24 12:28 PM, Adrian Ratiu wrote: > > diff --git a/security/Kconfig b/security/Kconfig > > index 412e76f1575d..0cd73f848b5a 100644 > > --- a/security/Kconfig > > +++ b/security/Kconfig > > @@ -183,6 +183,74 @@ config STATIC=5FUSERMODEHELPER=5FPATH > > If you wish for all usermode helper programs to be disabled, > > specify an empty string here (i.e. ""). > > =20 > > +menu "Procfs mem restriction options" > > + > > +config PROC=5FMEM=5FRESTRICT=5FFOLL=5FFORCE=5FDEFAULT > > + bool "Restrict all FOLL=5FFORCE flag usage" > > + default n > > + help > > + Restrict all FOLL=5FFORCE usage during /proc/*/mem RW. > > + Debuggerg like GDB require using FOLL=5FFORCE for basic >=20 > Debuggers Hello and thank you for the feedback! I'll fix these typos in a v5 together with the kernel test robot failur= es. I'll give v4 a bit more time in case other people have more feedback, so I can address them all in one go.