On Wed, Jul 7, 2021 at 6:08 PM Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx> wrote:
>
> From: Mike Rapoport <rppt@xxxxxxxxxxxxx>
> Subject: mm: introduce memfd_secret system call to create "secret" memory areas
>
> Introduce "memfd_secret" system call with the ability to create memory
> areas visible only in the context of the owning process and not mapped not
> only to other processes but in the kernel page tables as well.

Am I missing something?

From what I can't tell, this must not be enabled for regular users, because the secret mapping is effectively mlock'ed into the address space.

But there does not seem to be any permission checks or any limits, so this looks like a trivial way for a bad user to force the kernel to run out of memory.

So this looks entirely unacceptable. Please tell me what I'm not getting...

Linus