On 2020/06/24 13:00, Alexei Starovoitov wrote:
>> However, regarding usermode_blob, although the byte array (which contains code / data)
>> might be initially loaded from the kernel space (which is protected), that byte array
>> is no longer protected (e.g. SIGKILL, strace()) when executed, because it is placed
>> in the user address space. Thus, LSM modules (including pathname-based security) want
>> to control how that byte array can behave.
>
> It's privileged memory regardless. root can poke into kernel or any process memory.

LSM is there to restrict processes running as "root". Your "root can poke into kernel or any process memory." response is out of step with the times.

The initial byte array used for the usermode blob might be protected because it is "part of .rodata or .init.rodata of kernel module", but that byte array, after it is started in userspace, is no longer protected. I don't trust such a byte array as "part of kernel module", and I'm asking you how such a byte array does not interfere with (or get interfered with by) the rest of the system.