On Fri, Dec 15, 2017 at 4:31 PM, Al Viro <viro@xxxxxxxxxxxxxxxxxx> wrote:
>>
>> The fact is, if we have non-user mappings in the user part of the
>> address space, we _need_ to teach access_ok() about them, because
>> fundamentally any "get_user()/put_user()" will happily ignore the lack
>> of PAGE_USER (since those happen from kernel space).
>
> Details, please - how *can* access_ok() be taught of that?

We'd have to do something like put the !PAGE_USER mapping at the top
of the user address space, and then simply make user_addr_max()
smaller than the actual user page table size.

Or some other silly hack.

I do not believe there is any sane way to have !PAGE_USER in
_general_, if you actually want to limit access to it.

(We _could_ use !PAGE_USER for things that aren't really strictly
about security - ie we could have used it for the NUMA balancing
instead of using the P bit, and just let put_user/get_user blow
through them).

             Linus
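The point of the message above as a toy C model, added here as an example; it is not kernel code and not code from the thread. The `model_*` functions, the two mappings and all addresses are constructed: a range-only check cannot see the missing user bit, so the kernel-mode load reaches the hidden page unless the page sits at the top of the range and the limit is lowered below it.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Toy model, not kernel code. All addresses and names are constructed. */
#define MODEL_TASK_SIZE 0x0000800000000000ULL  /* full user page table range */
#define HOLE_LEN        0x1000ULL
#define LOWERED_MAX     (MODEL_TASK_SIZE - HOLE_LEN)

struct mapping { uint64_t start, len; bool user; };  /* user = PAGE_USER set */

/* !PAGE_USER mapping somewhere in the middle of the user range. */
static const struct mapping hidden_mid = { 0x0000700000000000ULL, HOLE_LEN, false };
/* Same kind of mapping placed at the very top of the user range. */
static const struct mapping hidden_top = { LOWERED_MAX, HOLE_LEN, false };

/* Range check only: no page table lookup, just a comparison with the limit. */
static bool model_access_ok(uint64_t addr, uint64_t size, uint64_t addr_max)
{
    return size <= addr_max && addr <= addr_max - size;
}

/* Permission check by the MMU on the first byte: only user-mode
 * accesses need the user bit, kernel-mode accesses do not. */
static bool model_mmu_allows(const struct mapping *m, uint64_t addr, bool from_kernel)
{
    if (addr < m->start || addr - m->start >= m->len)
        return false;               /* address is not covered by m */
    return from_kernel || m->user;
}

/* get_user() model: range check, then a load executed in kernel mode. */
static bool model_get_user(const struct mapping *m, uint64_t addr, uint64_t size,
                           uint64_t addr_max)
{
    return model_access_ok(addr, size, addr_max) && model_mmu_allows(m, addr, true);
}

int main(void)
{
    printf("user-mode load of hidden_mid:        %d\n",
           model_mmu_allows(&hidden_mid, hidden_mid.start, false));
    printf("get_user on hidden_mid:              %d\n",
           model_get_user(&hidden_mid, hidden_mid.start, 8, MODEL_TASK_SIZE));
    printf("get_user on hidden_top, limit lowered: %d\n",
           model_get_user(&hidden_top, hidden_top.start, 8, LOWERED_MAX));
    return 0;
}
```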