Re: [PATCH] ksys_mount: check for permissions before resource allocation

From: Ilya Matveychikov
Date: Tue Jun 05 2018 - 07:36:04 EST

> On Jun 5, 2018, at 3:26 PM, Al Viro <viro@xxxxxxxxxxxxxxxxxx> wrote:
>>> On Jun 5, 2018, at 6:00 AM, Ilya Matveychikov <matvejchikov@xxxxxxxxx> wrote:
>>> Early check for mount permissions prevents possible allocation of 3
>>> pages from kmalloc() pool by unpriveledged user which can be used for
>>> spraying the kernel heap.
> I'm sorry, but there are arseloads of unpriveleged syscalls that do the same,
> starting with read() from procfs files. So what the hell does it buy?

Means that if all do the same shit no reason to fix it? Sounds weird...