Re: [PATCH] mm/madvise: remove racy mm ownership check

On Tue, Dec 8, 2020 at 7:22 PM Minchan Kim <minchan@xxxxxxxxxx> wrote:
>
> Jann spotted the security hole due to race of mm ownership check.
> If the task is sharing the mm_struct but goes through execve()
> before mm_access(), it could skip process_madvise_behavior_valid
> check. That makes *any advice hint* to reach into the remote process.
>
> This patch removes the mm ownership check.

Applied directly - I'm not sure Andrew has anything else pending, so
might as well short-circuit it.

              Linus



