Re: [PATCH 0/3] userfaultfd: allow to forbid unprivileged users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Andrea Arcangeli <aarcange@xxxxxxxxxx>
Subject: Re: [PATCH 0/3] userfaultfd: allow to forbid unprivileged users
From: Paolo Bonzini <pbonzini@xxxxxxxxxx>
Date: Thu, 14 Mar 2019 11:58:15 +0100
Cc: Peter Xu <peterx@xxxxxxxxxx>, Mike Kravetz <mike.kravetz@xxxxxxxxxx>, linux-kernel@xxxxxxxxxxxxxxx, Hugh Dickins <hughd@xxxxxxxxxx>, Luis Chamberlain <mcgrof@xxxxxxxxxx>, Maxime Coquelin <maxime.coquelin@xxxxxxxxxx>, kvm@xxxxxxxxxxxxxxx, Jerome Glisse <jglisse@xxxxxxxxxx>, Pavel Emelyanov <xemul@xxxxxxxxxxxxx>, Johannes Weiner <hannes@xxxxxxxxxxx>, Martin Cracauer <cracauer@xxxxxxxx>, Denis Plotnikov <dplotnikov@xxxxxxxxxxxxx>, linux-mm@xxxxxxxxx, Marty McFadden <mcfadden8@xxxxxxxx>, Maya Gokhale <gokhale2@xxxxxxxx>, Mike Rapoport <rppt@xxxxxxxxxxxxxxxxxx>, Kees Cook <keescook@xxxxxxxxxxxx>, Mel Gorman <mgorman@xxxxxxx>, "Kirill A . Shutemov" <kirill@xxxxxxxxxxxxx>, linux-fsdevel@xxxxxxxxxxxxxxx, "Dr . David Alan Gilbert" <dgilbert@xxxxxxxxxx>, Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
In-reply-to: <20190313234458.GJ25147@redhat.com>
Openpgp: preference=signencrypt
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.4.0

On 14/03/19 00:44, Andrea Arcangeli wrote:
> Then I thought we can add a tristate so an open of /dev/kvm would also
> allow the syscall to make things more user friendly because
> unprivileged containers ideally should have writable mounts done with
> nodev and no matter the privilege they shouldn't ever get an hold on
> the KVM driver (and those who do, like kubevirt, will then just work).

I wouldn't even bother with the KVM special case.  Containers can use
seccomp if they want a fine-grained policy.

(Actually I wouldn't bother with the knob at all; the attack surface of
userfaultfd is infinitesimal compared to the BPF JIT...).

Paolo

Follow-Ups:
- Re: [PATCH 0/3] userfaultfd: allow to forbid unprivileged users
  - From: Andrea Arcangeli
- Re: [PATCH 0/3] userfaultfd: allow to forbid unprivileged users
  - From: Alexei Starovoitov

References:
- [PATCH 0/3] userfaultfd: allow to forbid unprivileged users
  - From: Peter Xu
- Re: [PATCH 0/3] userfaultfd: allow to forbid unprivileged users
  - From: Mike Kravetz
- Re: [PATCH 0/3] userfaultfd: allow to forbid unprivileged users
  - From: Peter Xu
- Re: [PATCH 0/3] userfaultfd: allow to forbid unprivileged users
  - From: Paolo Bonzini
- Re: [PATCH 0/3] userfaultfd: allow to forbid unprivileged users
  - From: Andrea Arcangeli
- Re: [PATCH 0/3] userfaultfd: allow to forbid unprivileged users
  - From: Paolo Bonzini
- Re: [PATCH 0/3] userfaultfd: allow to forbid unprivileged users
  - From: Andrea Arcangeli

Prev by Date: Re: [PATCH 07/34] vfs: Add configuration parser helpers [ver #12]
Next by Date: Re: mount(2) with NULL fstype returns ENOENT instead of EINVAL after introducing fs_context methods
Previous by thread: Re: [PATCH 0/3] userfaultfd: allow to forbid unprivileged users
Next by thread: Re: [PATCH 0/3] userfaultfd: allow to forbid unprivileged users
Index(es):
- Date
- Thread

[Index of Archives] [Linux Ext4 Filesystem] [Union Filesystem] [Filesystem Testing] [Ceph Users] [Ecryptfs] [AutoFS] [Kernel Newbies] [Share Photos] [Security] [Netfilter] [Bugtraq] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux Cachefs] [Reiser Filesystem] [Linux RAID] [Samba] [Device Mapper] [CEPH Development]