Re: Pentium emulation

Pavel Machek (pavel@Elf.mj.gts.cz)
Wed, 30 Jul 1997 18:59:08 +0200


Hi!

(replying to my own mail... :-( )

> > In particular, one thread can change the mapping of another thread in
> > between that other thread testing the i386 WP bit by hand and actually
> > writing to the page. It's a small window, and probably _very_ hard to
> > actually take advantage of, but it's there.
>
> Hmm, would not that be solved by placing a cli()/sti() pair in there? If
> it is a small window, this will not hurt that much, no?

Now I understand that it would not help, as the problem is with sleeping,
not with interrupts.

Pavel

The following patch _could_ solve the problem (but I'm not really sure, as
the kernel uses threads itself... the !suser there is essential, the machine
would not boot).

Index: fork.c
===================================================================
RCS file: /home/pavel/cvsroot/linux/kernel/fork.c,v
retrieving revision 1.4
diff -u -r1.4 fork.c
--- fork.c 1997/07/18 11:55:50 1.4
+++ fork.c 1997/07/30 16:56:02
@@ -387,6 +387,19 @@
int error = -ENOMEM;
struct task_struct *p;

+#if CPU==386
+ if ( (clone_flags & CLONE_VM) && (!wp_works_ok) && (!suser())) {
+ /* On 80386 (486+ is safe), it is not-really-safe to have
+ * two threads sharing address space. Malicious user could
+ * use it to do something bad. If your machine does not need
+ * to be too safe (or you do not nasty users to exec their
+ * own code), you can safely kill whole #if.
+ * <pavel@atrey.karlin.mff.cuni.cz>
+ * */
+ printk( "Sharing VM disabled - WP does not work, could be security hazard.\n" );
+ return -EPERM;
+ }
+#endif
lock_kernel();
p = alloc_task_struct();
if (!p)
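Review bot: The `printk()` in the added block fires on every refused `clone(CLONE_VM)` from an unprivileged process, with no rate limiting, so any local user on an affected 386 can fill the kernel log at will; print the warning once (or drop it and just return -EPERM), since the condition it reports is a fixed property of the machine, not of the caller. Two smaller points in the same hunk: `wp_works_ok` is already a runtime flag, so wrapping the test in `#if CPU==386` only removes the check from kernels not built for a 386 while buying nothing on 386 builds, and relying on the runtime flag alone would be simpler; and the comment has a dropped word ("or you do not nasty users to exec their own code") and an odd terminator (`* */`), which should read "or you do not let nasty users exec their own code" and close with `*/`.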

-- 
I'm really pavel@atrey.karlin.mff.cuni.cz. 	   Pavel
Look at http://atrey.karlin.mff.cuni.cz/~pavel/ ;-).