Re: [PATCH 0/3] PTI for x86-32 Fixes and Updates
From: Pavel Machek
Date: Mon Jul 23 2018 - 17:56:02 EST
Hi!
> > What I want is "if A can ptrace B, and B has pti disabled, A can have
> > pti disabled as well". Now.. I see someone may want to have it
> > per-thread, because for stuff like javascript JIT, thread may have
> > rights to call ptrace, but is unable to call ptrace because JIT
> > removed that ability... hmm...
>
> No, you donât want that. The problem is that Meltdown isnât a problem that exists in isolation. Itâs very plausible that JavaScript code could trigger a speculation attack that, with PTI off, could read kernel memory.
Yeah, the web browser threads that run javascript code should have PTI
on. But maybe I want the rest of web browser with PTI off.
So... yes, I see why someone may want it per-thread (and not
per-process).
I guess per-process would be good enough for me. Actually, maybe even
per-uid. I don't have any fancy security here, so anything running uid
0 and 1000 is close enough to trusted.
Pavel
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
Attachment:
signature.asc
Description: Digital signature