Re: [PATCH v2 11/17] selftests/x86/ldt_gdt: Prepare for access bit forced
From: Linus Torvalds
Date: Thu Dec 14 2017 - 16:48:57 EST
On Thu, Dec 14, 2017 at 1:44 PM, Linus Torvalds
<torvalds@xxxxxxxxxxxxxxxxxxxx> wrote:
>
> So it clearly needs to have the PAGE_USER bit clear (to avoid users
> accessing it directly), and it needs to be marked somehow for
> get_user_pages() to refuse it too, and access_ok() needs to fail it so
> that we can't do get_user/put_user on it.
Actually, just clearing PAGE_USER should make gup avoid it automatically.
So really the only other thing it needs is to have access_ok() avoid
it so that the kernel can't be fooled into accessing it for the user.
That does probably mean having to put it at the top of the user
address space and playing games with user_addr_max(). Which is not
wonderful, but certainly not rocket surgery either.
Linus