Re: [PATCH] ksys_mount: check for permissions before resource allocation

From: Ilya Matveychikov
Date: Tue Jun 05 2018 - 07:36:04 EST

Next message: Miklos Szeredi: "Re: [PATCH 06/39] vfs: add f_op->pre_mmap()"
Previous message: Michel Pollet: "[PATCH v4 3/3] ARM: dts: Renesas R9A06G032 SMP enable method"
In reply to: Al Viro: "Re: [PATCH] ksys_mount: check for permissions before resource allocation"
Next in thread: Al Viro: "Re: [PATCH] ksys_mount: check for permissions before resource allocation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> On Jun 5, 2018, at 3:26 PM, Al Viro <viro@xxxxxxxxxxxxxxxxxx> wrote:
>>
>>> On Jun 5, 2018, at 6:00 AM, Ilya Matveychikov <matvejchikov@xxxxxxxxx> wrote:
>>>
>>> Early check for mount permissions prevents possible allocation of 3
>>> pages from kmalloc() pool by unpriveledged user which can be used for
>>> spraying the kernel heap.
>
> I'm sorry, but there are arseloads of unpriveleged syscalls that do the same,
> starting with read() from procfs files. So what the hell does it buy?

Means that if all do the same shit no reason to fix it? Sounds weird...

Next message: Miklos Szeredi: "Re: [PATCH 06/39] vfs: add f_op->pre_mmap()"
Previous message: Michel Pollet: "[PATCH v4 3/3] ARM: dts: Renesas R9A06G032 SMP enable method"
In reply to: Al Viro: "Re: [PATCH] ksys_mount: check for permissions before resource allocation"
Next in thread: Al Viro: "Re: [PATCH] ksys_mount: check for permissions before resource allocation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]