Re: [PATCH v3 1/1] x86: allow to enable/disable modify_ldt at run time

From: Willy Tarreau
Date: Wed Aug 05 2015 - 04:09:22 EST


Hi Ingo,

On Wed, Aug 05, 2015 at 10:00:37AM +0200, Ingo Molnar wrote:
>
> * Willy Tarreau <w@xxxxxx> wrote:
>
> > @@ -276,6 +282,15 @@ asmlinkage int sys_modify_ldt(int func, void __user *ptr,
> > {
> > int ret = -ENOSYS;
> >
> > + if (!sysctl_modify_ldt) {
> > + printk_ratelimited(KERN_INFO
> > + "Denied a call to modify_ldt() from %s[%d] (uid: %d)."
> > + " Adjust sysctl if this was not an exploit attempt.\n",
> > + current->comm, task_pid_nr(current),
> > + from_kuid_munged(current_user_ns(), current_uid()));
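
Review bot: the format string passed to printk_ratelimited() is split across two literals ("... (uid: %d)." and " Adjust sysctl if this was not an exploit attempt.\n"), so the full message cannot be found by grepping the source for it. Kernel style keeps a user-visible string on one line even when it runs past 80 columns. Separately, the %s argument is current->comm, which the calling task can set itself, so anything that alerts on this line should key on the pid and uid fields and treat the name as untrusted.
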
>
> UI nit: so this message should really tell the user _which_ sysctl to configure,
> instead of passive-aggressively alluding to the fact that there's a sysctl
> somewhere that might do the trick...

I agree, I did it first and changed my mind due to the repetition of
the word "modify_ldt".

Here's an updated version instead.

Willy