Re: [PATCH] mm/mincore: allow for making sys_mincore() privileged

From: Matthew Wilcox
Date: Wed Jan 16 2019 - 07:36:17 EST

Next message: Stanimir Varbanov: "[RFC PATCH] media/doc: Allow sizeimage to be set by v4l clients"
Previous message: Peter Zijlstra: "Re: [PATCH V2] mm: Introduce GFP_PGTABLE"
In reply to: Dominique Martinet: "Re: [PATCH] mm/mincore: allow for making sys_mincore() privileged"
Next in thread: Linus Torvalds: "Re: [PATCH] mm/mincore: allow for making sys_mincore() privileged"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Jan 16, 2019 at 05:00:25PM +1200, Linus Torvalds wrote:
> And if you're not the owner of the file, do you have another
> suggestion for that "Yes, I have the right to see what's in-core for
> this file". Because the problem is literally that if it's some random
> read-only system file, the kernel shouldn't leak access patterns to
> it..

This probably isn't a good heuristic, but thought I'd mention it
anyway ... if the file is executable and you're not the owner, mincore
always/never says its pages are resident. That'd fix all library leaks,
but then there's probably a smart way of figuring out something from
access patterns to a data file of some kind (/etc/passwd?)

Next message: Stanimir Varbanov: "[RFC PATCH] media/doc: Allow sizeimage to be set by v4l clients"
Previous message: Peter Zijlstra: "Re: [PATCH V2] mm: Introduce GFP_PGTABLE"
In reply to: Dominique Martinet: "Re: [PATCH] mm/mincore: allow for making sys_mincore() privileged"
Next in thread: Linus Torvalds: "Re: [PATCH] mm/mincore: allow for making sys_mincore() privileged"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]