Re: Repost: Missing security_mmap_file() in remap_file_pages syscall

From: Kirill A. Shutemov
Date: Mon Mar 25 2019 - 13:47:12 EST

Next message: Alan Tull: "Re: [PATCH 02/17] fpga: dfl: fme: align PR buffer size per PR datawidth"
Previous message: Nick Desaulniers: "Re: [PATCH] bitrev: fix constant bitrev"
In reply to: TongZhang: "Repost: Missing security_mmap_file() in remap_file_pages syscall"
Next in thread: Stephen Smalley: "Re: Repost: Missing security_mmap_file() in remap_file_pages syscall"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Mar 25, 2019 at 01:33:51PM -0400, TongZhang wrote:
> Dear Kernel Developers,
>
> Weâd like to bring this up for a discussion again.
>
> Several months ago we posted an email discussing a case where remap_file_pages() has no security_mmap_file() check.
> At that time we were told that do_mmap_pgoff() will base the new VMA permission on the old one.
> But somehow we still think the check is needed, for the reason that the advisory could first do a
> mmap() which can pass SELinux check then remap using a completely different file or region of file,
> which could possibly pose a risk.

Could you elabarote on the risk you see? A bad scenario that could be
prevented with SELinux check would be helpful.

--
Kirill A. Shutemov

Next message: Alan Tull: "Re: [PATCH 02/17] fpga: dfl: fme: align PR buffer size per PR datawidth"
Previous message: Nick Desaulniers: "Re: [PATCH] bitrev: fix constant bitrev"
In reply to: TongZhang: "Repost: Missing security_mmap_file() in remap_file_pages syscall"
Next in thread: Stephen Smalley: "Re: Repost: Missing security_mmap_file() in remap_file_pages syscall"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]