Re: [PATCH] pkeys: Introduce PKEY_ALLOC_SIGNALINHERIT and change signal semantics

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




> On May 2, 2018, at 4:58 PM, Dave Hansen <dave.hansen@xxxxxxxxx> wrote:
> 
> On 05/02/2018 04:32 PM, Andy Lutomirski wrote:
>>> But, where do those come from in this scenario?  I'm not getting
>>> the secondary mechanism is that *makes* them unsafe.
>> pkey_alloc() itself.  If someone tries to allocate a key with a given
>> default mode, unless there’s already a key that already had that
>> value in all threads or pkey_alloc() needs to asynchronously create
>> such a key.
> 
> I think you are saying: If a thread calls pkey_alloc(), all threads
> should, by default, implicitly get access.

No, I’m saying that all threads should get the *requested* access.  If I’m protecting the GOT, I want all threads to get RO access. If I’m writing a crypto library, I probably want all threads to have no access.  If I’m writing a database, I probably want all threads to get RO by default.  If I’m writing some doodad to sandbox some carefully constructed code, I might want all threads to have full access by default.

—Andy



[Index of Archives]     [Linux Kernel]     [Kernel Newbies]     [x86 Platform Driver]     [Netdev]     [Linux Wireless]     [Netfilter]     [Bugtraq]     [Linux Filesystems]     [Yosemite Discussion]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Device Mapper]

  Powered by Linux