Re: [PATCH] usb: mon: make mmapped memory read only
From: Tadeusz Struk
Date: Mon Sep 19 2022 - 10:54:03 EST
Hi Dmitry,
On 9/18/22 21:25, Dmitry Vyukov wrote:
Hi Tadeusz,
Looking at places like these:
https://elixir.bootlin.com/linux/v6.0-rc5/source/drivers/infiniband/hw/qib/qib_file_ops.c#L736
https://elixir.bootlin.com/linux/v6.0-rc5/source/drivers/infiniband/hw/mlx5/main.c#L2088
I think we also need to remove VM_MAYWRITE, otherwise it's still
possible to turn it into a writable mapping with mprotect.
It's also probably better to return an error if VM_WRITE (or VM_EXEC?) is set
rather than silently fix it up.
Yes, I think that returning an error will make more sense here.
I don't think we need to worry about VM_EXEC. Even if userspace will try to execute
from the mmaped location it won't work. It will probably crash the application without
causing any harm to the kernel.
I will update the patch and send a v2 soon.
--
Thanks,
Tadeusz