Re: [PATCH] ksys_mount: check for permissions before resource allocation

From: Al Viro
Date: Tue Jun 05 2018 - 08:34:16 EST

Next message: Laurentiu Tudor: "[PATCH] irqchip/ls-scfg-msi: map MSIs in the iommu"
Previous message: YueHaibing: "[PATCH net-next 3/6] net: neterion: use pci_zalloc_consistent"
In reply to: Ilya Matveychikov: "Re: [PATCH] ksys_mount: check for permissions before resource allocation"
Next in thread: Eric W. Biederman: "Re: [PATCH] ksys_mount: check for permissions before resource allocation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Jun 05, 2018 at 04:07:15PM +0400, Ilya Matveychikov wrote:

> > If you depend upon preventing kmalloc'ed temporary allocations filled
> > with user-supplied data, you are screwed, plain and simple. It really can't
> > be prevented, in a lot of ways that are much less exotic than mount(2).
> > Most of syscall arguments are copied in, before we get any permission
> > checks. It does happen and it will happen - examining them while they are
> > still in userland is a nightmare in a lot of respects, starting with
> > security.
>
> I agree that itâs impossible to completely avoid this kind of allocations
> and examining data in user-land will be the bigger problem than copying
> arguments to the kernel. But aside of that whatâs wrong with the idea of
> having the permission check before doing any kind of work?

Presenting that as mitigating a vulnerability. It's neither better nor worse
in that respect than the original.

Next message: Laurentiu Tudor: "[PATCH] irqchip/ls-scfg-msi: map MSIs in the iommu"
Previous message: YueHaibing: "[PATCH net-next 3/6] net: neterion: use pci_zalloc_consistent"
In reply to: Ilya Matveychikov: "Re: [PATCH] ksys_mount: check for permissions before resource allocation"
Next in thread: Eric W. Biederman: "Re: [PATCH] ksys_mount: check for permissions before resource allocation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]