Re: [PATCH] proc: add config to block FOLL_FORCE in mem writes

From: Eric Biggers
Date: Wed Jul 17 2024 - 16:53:49 EST


On Wed, Jul 17, 2024 at 02:13:58PM +0300, Adrian Ratiu wrote:
> +config SECURITY_PROC_MEM_RESTRICT_FOLL_FORCE
> + bool "Remove FOLL_FORCE usage from /proc/pid/mem writes"
> + default n
> + help
> + This restricts FOLL_FORCE flag usage in procfs mem write calls
> + because it bypasses memory permission checks and can be used by
> + attackers to manipulate process memory contents that would be
> + otherwise protected.
> +
> + Enabling this will break GDB, gdbserver and other debuggers
> + which require FOLL_FORCE for basic functionalities.
> +
> + If you are unsure how to answer this question, answer N.
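
Review bot: the prompt string says "Remove FOLL_FORCE usage" while the first help sentence says the option "restricts" it, so the entry does not tell the reader whether forced writes through /proc/pid/mem are dropped entirely or only limited. Use the same verb in both places and state the resulting behaviour in the help text, for example which writes are refused once the option is set. The "default n" line can also go, since a bool option with no default line is already n.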

FOLL_FORCE is an internal flag, and people who aren't kernel developers aren't
going to know what it is. Could this option be named and documented in a way
that would be more understandable to people who aren't kernel developers? What
is the effect on how /proc/pid/mem behaves?

- Eric