Re: [PATCH] proc: add config to block FOLL_FORCE in mem writes

From: Kees Cook
Date: Wed Jul 17 2024 - 13:23:16 EST

Next message: Jacob Keller: "Re: [PATCH net-next v17 09/14] net: netdevsim: ptp_mock: Convert to netdev_ptp_clock_register"
Previous message: Luis Henriques (SUSE): "[PATCH v5] ext4: fix fast commit inode enqueueing during a full journal commit"
In reply to: Adrian Ratiu: "[PATCH] proc: add config to block FOLL_FORCE in mem writes"
Next in thread: Linus Torvalds: "Re: [PATCH] proc: add config to block FOLL_FORCE in mem writes"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Jul 17, 2024 at 02:13:58PM +0300, Adrian Ratiu wrote:
> This simple Kconfig option removes the FOLL_FORCE flag from
> procfs write calls because it can be abused.

For this to be available for general distros, I still want to have a
bootparam to control this, otherwise this mitigation will never see much
testing as most kernel deployments don't build their own kernels. A
simple __ro_after_init variable can be used.

In the future if folks want a more flexible version, we could make this
a one-way per-process flag, like no_new_privs.

--
Kees Cook

Next message: Jacob Keller: "Re: [PATCH net-next v17 09/14] net: netdevsim: ptp_mock: Convert to netdev_ptp_clock_register"
Previous message: Luis Henriques (SUSE): "[PATCH v5] ext4: fix fast commit inode enqueueing during a full journal commit"
In reply to: Adrian Ratiu: "[PATCH] proc: add config to block FOLL_FORCE in mem writes"
Next in thread: Linus Torvalds: "Re: [PATCH] proc: add config to block FOLL_FORCE in mem writes"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]