On Tue, Jan 29, 2019 at 7:21 AM Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx> wrote: > > On Fri, 25 Jan 2019 09:38:27 -0800 Matthew Wilcox <willy@xxxxxxxxxxxxx> wrote: > > > It's never appropriate to map a page allocated by SLAB into userspace. > > A buggy device driver might try this, or an attacker might be able to > > find a way to make it happen. > > It wouldn't surprise me if someone somewhere is doing this. Rather > than mysteriously breaking their code, how about we emit a warning and > still permit it to proceed, for a while? It seems like a fatal condition to me? There's nothing to check that such a page wouldn't get freed by the slab while still mapped to userspace, right? But I'll take warning over not checking. :) -- Kees Cook
