On Mon, Mar 04, 2024 at 02:35:29PM +0000, Adrian Ratiu wrote: > Yes, easy to block and also respect page permissions (can't write > read-only memory) as well as require ptrace access anyway by checking > PTRACE_MODE_ATTACH_REALCREDS. right, I don't think process_vm_writev() ignores page permissions? i.e. I don't see where it is using FOLL_FORCE, which is one of the central problems with /proc/$pid/mem. (Which reminds me, this is worth mentioning more explicitly in the commit log for v3.) -- Kees Cook
