Dear Mr. Miller, dear Willy, just for my understanding: apart from the fact that the maximum allocated sizes differ for vmalloc() and kmalloc(), is it also true that a non priviledged user couldn't call get_kernel_syms () with the current kmalloc() solution? Given this, wouldn't it be sufficient (for safety reasons) to include a dummy call to kmalloc and return with an error if a non privileged user does the call? I mean, elegance is something different :-), but this could catch such a problem. Just like: char *for_safety_reasons; for_safety_reasons=kmalloc(1, GFP_KERNEL); if (!for_safety_reasons) return -ENOMEM; (or what soever) kfree (for_safety_reasons); Or is (in this regard) the only difference between vmalloc() and kmalloc() the maximum size of allocable memory? Given this, the question reduces down to whether a fork bomb on vmalloc() or a fork bomb on kmalloc() is worse. My two cents here. Take care & many thanks for looking into it, Dieter Jurzitza -- ________________________________________________ HARMAN BECKER AUTOMOTIVE SYSTEMS Dr.-Ing. Dieter Jurzitza Manager Hardware Systems System Development Industriegebiet Ittersbach Becker-Göring Str. 16 D-76307 Karlsbad / Germany Phone: +49 (0)7248 71-1577 Fax: +49 (0)7248 71-1216 eMail: DJurzitza@xxxxxxxxxxxxxxxx Internet: http://www.becker.de > -----Ursprüngliche Nachricht----- > Von: David Miller [mailto:davem@xxxxxxxxxxxxx] > Gesendet: Freitag, 22. September 2006 00:56 > 2) I dislike this fix because it means that users can lock down > a significant amount of non-swappable kernel memory. There are > no privilege checks in the get_kernel_syms() system call, so > anyone can invoke it. Imagine a fork bomb invoking this, and it > could also potentially eat up nearly all of the vmalloc() space. > > It may be, in the end, simply better to have a > "compat_sys_get_kernel_syms" written that can be called so a ***** ******************************************* Diese E-Mail enthaelt vertrauliche und/oder rechtlich geschuetzte Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtuemlich erhalten haben, informieren Sie bitte sofort den Absender und loeschen Sie diese Mail. Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser Mail ist nicht gestattet. This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and delete this e-mail. Any unauthorized copying, disclosure or distribution of the contents in this e-mail is strictly forbidden. ******************************************* - To unsubscribe from this list: send the line "unsubscribe sparclinux" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
