Re: [PATCH 6/X] uprobes: reimplement xol_add_vma() viainstall_special_mapping()

From: Oleg Nesterov
Date: Mon Oct 17 2011 - 15:01:17 EST


On 10/17, Stephen Smalley wrote:
>
> > Since selinux wasnt happy to have an anonymous vma attached, we would
> > create a pseudo file using shmem_file_setup. However after comments from
> > Peter and Stephan's suggestions we started using override_creds. Peter and
> > Oleg suggest that we use install_special_mapping.
> >
> > Are you okay with using install_special_mapping instead of
> > override_creds()?
>
> That's fine with me.

Good.

> But I'm still not clear on how you are controlling
> the use of this facility from userspace, which is my primary concern.

Yes, but just in case... Any security check in xol_add_vma() is pointless.
The task is already "owned" by uprobes when xol_add_vma() is called.

Oleg.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/