Re: [PATCH 2.6.32 19/38] [PATCH 19/38] pagemap: hide physical addresses from non-privileged users

From: Willy Tarreau
Date: Mon Nov 30 2015 - 06:30:26 EST


On Mon, Nov 30, 2015 at 08:01:36AM +0100, Willy Tarreau wrote:
> On Mon, Nov 30, 2015 at 01:54:22AM +0000, Ben Hutchings wrote:
> > On Sun, 2015-11-29 at 22:47 +0100, Willy Tarreau wrote:
> > This is wrong; see
> > <https://marc.info/?l=linux-api&m=143144321020852&w=2>.
>
> Damned, and I now remember this discussion. The worst thing is that
> I purposely booted a machine to test the fix and was happy with it,
> I forgot this point :-(
>
> > For 2.6.32 perhaps you could retain the capability check at open time
> > but store the result in private state for use at read time.
>
> I'll see if it is possible to opencode security_capable() with 2.6.32's
> infrastructure, and how far this brings us. Or maybe we should even drop
> this one completely and leave pagemap readable only for superuser on
> 2.6.32, it doesn't seem to be that big of a deal either.

It was easy enough to open-code security_capable() in the end. I've
tested this version which works fine for me here. If that's OK for you
I'll emit an -rc2 with the last two patches.

Thanks,
Willy