From: Jann Horn <jannh@google.com>
To: rick.p.edgecombe@intel.com
Cc: Kernel Hardening <kernel-hardening@lists.openwall.com>,
Daniel Borkmann <daniel@iogearbox.net>,
Kees Cook <keescook@chromium.org>,
Catalin Marinas <catalin.marinas@arm.com>,
Will Deacon <will.deacon@arm.com>,
"David S. Miller" <davem@davemloft.net>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
"the arch/x86 maintainers" <x86@kernel.org>,
Arnd Bergmann <arnd@arndb.de>,
jeyu@kernel.org, linux-arm-kernel@lists.infradead.org,
kernel list <linux-kernel@vger.kernel.org>,
linux-mips@linux-mips.org,
linux-s390 <linux-s390@vger.kernel.org>,
sparclinux@vger.kernel.org, linux-fsdevel@vger.kernel.org,
linux-arch <linux-arch@vger.kernel.org>,
kristen@linux.intel.com, Dave Hansen <dave.hansen@intel.com>,
Arjan van de Ven <arjan@linux.intel.com>,
deneen.t.dock@intel.com
Subject: Re: [PATCH v2 1/7] modules: Create rlimit for module space
Date: Fri, 12 Oct 2018 20:23:15 +0200 [thread overview]
Message-ID: <CAG48ez0pPX7XNqSj4dVG1s+PaDBCh4ar5xw1WcY1sLBPV_QAzA@mail.gmail.com> (raw)
In-Reply-To: <CAG48ez2fWg64nGxDXUQS3695KpVNrakAbarXJnYPd6xv5wOD+A@mail.gmail.com>
On Fri, Oct 12, 2018 at 2:35 AM Jann Horn <jannh@google.com> wrote:
> On Fri, Oct 12, 2018 at 1:40 AM Rick Edgecombe
> <rick.p.edgecombe@intel.com> wrote:
> > This introduces a new rlimit, RLIMIT_MODSPACE, which limits the amount of
> > module space a user can use. The intention is to be able to limit module space
> > allocations that may come from un-privlidged users inserting e/BPF filters.
>
> Note that in some configurations (iirc e.g. the default Ubuntu
> config), normal users can use the subuid mechanism (the /etc/subuid
> config file and the /usr/bin/newuidmap setuid helper) to gain access
> to 65536 UIDs, which means that in such a configuration,
> RLIMIT_MODSPACE*65537 is the actual limit for one user. (Same thing
> applies to RLIMIT_MEMLOCK.)
Actually, I may have misremembered, perhaps it's not installed by
default - I just checked in a Ubuntu VM, and the newuidmap helper from
the uidmap package wasn't installed.
WARNING: multiple messages have this Message-ID (diff)
From: Jann Horn <jannh@google.com>
To: rick.p.edgecombe@intel.com
Cc: Kernel Hardening <kernel-hardening@lists.openwall.com>,
Daniel Borkmann <daniel@iogearbox.net>,
Kees Cook <keescook@chromium.org>,
Catalin Marinas <catalin.marinas@arm.com>,
Will Deacon <will.deacon@arm.com>,
"David S. Miller" <davem@davemloft.net>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
the arch/x86 maintainers <x86@kernel.org>,
Arnd Bergmann <arnd@arndb.de>,
jeyu@kernel.org, linux-arm-kernel@lists.infradead.org,
kernel list <linux-kernel@vger.kernel.org>,
linux-mips@linux-mips.org,
linux-s390 <linux-s390@vger.kernel.org>,
sparclinux@vger.kernel.org, linux-fsdevel@vger.kernel.org,
linux-arch <linux-arch@vger.kernel.org>,
kristen@linux.intel.com, Dave Hansen <dave.hansen@intel.com>,
Arjan
Subject: Re: [PATCH v2 1/7] modules: Create rlimit for module space
Date: Fri, 12 Oct 2018 20:23:15 +0200 [thread overview]
Message-ID: <CAG48ez0pPX7XNqSj4dVG1s+PaDBCh4ar5xw1WcY1sLBPV_QAzA@mail.gmail.com> (raw)
In-Reply-To: <CAG48ez2fWg64nGxDXUQS3695KpVNrakAbarXJnYPd6xv5wOD+A@mail.gmail.com>
On Fri, Oct 12, 2018 at 2:35 AM Jann Horn <jannh@google.com> wrote:
> On Fri, Oct 12, 2018 at 1:40 AM Rick Edgecombe
> <rick.p.edgecombe@intel.com> wrote:
> > This introduces a new rlimit, RLIMIT_MODSPACE, which limits the amount of
> > module space a user can use. The intention is to be able to limit module space
> > allocations that may come from un-privlidged users inserting e/BPF filters.
>
> Note that in some configurations (iirc e.g. the default Ubuntu
> config), normal users can use the subuid mechanism (the /etc/subuid
> config file and the /usr/bin/newuidmap setuid helper) to gain access
> to 65536 UIDs, which means that in such a configuration,
> RLIMIT_MODSPACE*65537 is the actual limit for one user. (Same thing
> applies to RLIMIT_MEMLOCK.)
Actually, I may have misremembered, perhaps it's not installed by
default - I just checked in a Ubuntu VM, and the newuidmap helper from
the uidmap package wasn't installed.
WARNING: multiple messages have this Message-ID (diff)
From: Jann Horn <jannh@google.com>
To: rick.p.edgecombe@intel.com
Cc: Kernel Hardening <kernel-hardening@lists.openwall.com>,
Daniel Borkmann <daniel@iogearbox.net>,
Kees Cook <keescook@chromium.org>,
Catalin Marinas <catalin.marinas@arm.com>,
Will Deacon <will.deacon@arm.com>,
"David S. Miller" <davem@davemloft.net>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
the arch/x86 maintainers <x86@kernel.org>,
Arnd Bergmann <arnd@arndb.de>,
jeyu@kernel.org, linux-arm-kernel@lists.infradead.org,
kernel list <linux-kernel@vger.kernel.org>,
linux-mips@linux-mips.org,
linux-s390 <linux-s390@vger.kernel.org>,
sparclinux@vger.kernel.org, linux-fsdevel@vger.kernel.org,
linux-arch <linux-arch@vger.kernel.org>,
kristen@linux.intel.com, Dave Hansen <dave.hansen@intel.com>,
Arjan van de Ven <arjan@linux.intel.com>,
deneen.t.dock@intel.com
Subject: Re: [PATCH v2 1/7] modules: Create rlimit for module space
Date: Fri, 12 Oct 2018 18:23:15 +0000 [thread overview]
Message-ID: <CAG48ez0pPX7XNqSj4dVG1s+PaDBCh4ar5xw1WcY1sLBPV_QAzA@mail.gmail.com> (raw)
In-Reply-To: <CAG48ez2fWg64nGxDXUQS3695KpVNrakAbarXJnYPd6xv5wOD+A@mail.gmail.com>
On Fri, Oct 12, 2018 at 2:35 AM Jann Horn <jannh@google.com> wrote:
> On Fri, Oct 12, 2018 at 1:40 AM Rick Edgecombe
> <rick.p.edgecombe@intel.com> wrote:
> > This introduces a new rlimit, RLIMIT_MODSPACE, which limits the amount of
> > module space a user can use. The intention is to be able to limit module space
> > allocations that may come from un-privlidged users inserting e/BPF filters.
>
> Note that in some configurations (iirc e.g. the default Ubuntu
> config), normal users can use the subuid mechanism (the /etc/subuid
> config file and the /usr/bin/newuidmap setuid helper) to gain access
> to 65536 UIDs, which means that in such a configuration,
> RLIMIT_MODSPACE*65537 is the actual limit for one user. (Same thing
> applies to RLIMIT_MEMLOCK.)
Actually, I may have misremembered, perhaps it's not installed by
default - I just checked in a Ubuntu VM, and the newuidmap helper from
the uidmap package wasn't installed.
WARNING: multiple messages have this Message-ID (diff)
From: jannh@google.com (Jann Horn)
To: linux-arm-kernel@lists.infradead.org
Subject: [PATCH v2 1/7] modules: Create rlimit for module space
Date: Fri, 12 Oct 2018 20:23:15 +0200 [thread overview]
Message-ID: <CAG48ez0pPX7XNqSj4dVG1s+PaDBCh4ar5xw1WcY1sLBPV_QAzA@mail.gmail.com> (raw)
In-Reply-To: <CAG48ez2fWg64nGxDXUQS3695KpVNrakAbarXJnYPd6xv5wOD+A@mail.gmail.com>
On Fri, Oct 12, 2018 at 2:35 AM Jann Horn <jannh@google.com> wrote:
> On Fri, Oct 12, 2018 at 1:40 AM Rick Edgecombe
> <rick.p.edgecombe@intel.com> wrote:
> > This introduces a new rlimit, RLIMIT_MODSPACE, which limits the amount of
> > module space a user can use. The intention is to be able to limit module space
> > allocations that may come from un-privlidged users inserting e/BPF filters.
>
> Note that in some configurations (iirc e.g. the default Ubuntu
> config), normal users can use the subuid mechanism (the /etc/subuid
> config file and the /usr/bin/newuidmap setuid helper) to gain access
> to 65536 UIDs, which means that in such a configuration,
> RLIMIT_MODSPACE*65537 is the actual limit for one user. (Same thing
> applies to RLIMIT_MEMLOCK.)
Actually, I may have misremembered, perhaps it's not installed by
default - I just checked in a Ubuntu VM, and the newuidmap helper from
the uidmap package wasn't installed.
next prev parent reply other threads:[~2018-10-12 18:23 UTC|newest]
Thread overview: 70+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-10-11 23:31 [PATCH v2 0/7] Rlimit for module space Rick Edgecombe
2018-10-11 23:31 ` Rick Edgecombe
2018-10-11 23:31 ` Rick Edgecombe
2018-10-11 23:31 ` [PATCH v2 1/7] modules: Create rlimit " Rick Edgecombe
2018-10-11 23:31 ` Rick Edgecombe
2018-10-11 23:31 ` Rick Edgecombe
2018-10-12 0:35 ` Jann Horn
2018-10-12 0:35 ` Jann Horn
2018-10-12 0:35 ` Jann Horn
2018-10-12 17:04 ` Edgecombe, Rick P
2018-10-12 17:04 ` Edgecombe, Rick P
2018-10-12 17:04 ` Edgecombe, Rick P
2018-10-12 17:04 ` Edgecombe, Rick P
2018-10-12 17:04 ` Edgecombe, Rick P
2018-10-12 17:22 ` Jann Horn
2018-10-12 17:22 ` Jann Horn
2018-10-12 17:22 ` Jann Horn
2018-10-12 17:22 ` Jann Horn
2018-10-13 0:04 ` Edgecombe, Rick P
2018-10-13 0:04 ` Edgecombe, Rick P
2018-10-13 0:04 ` Edgecombe, Rick P
2018-10-13 0:04 ` Edgecombe, Rick P
2018-10-13 0:04 ` Edgecombe, Rick P
2018-10-13 0:09 ` Jann Horn
2018-10-13 0:09 ` Jann Horn
2018-10-13 0:09 ` Jann Horn
2018-10-13 0:09 ` Jann Horn
2018-10-23 11:32 ` Michal Hocko
2018-10-23 11:32 ` Michal Hocko
2018-10-23 11:32 ` Michal Hocko
2018-10-23 11:32 ` Michal Hocko
2018-10-23 11:32 ` Michal Hocko
2018-10-12 18:23 ` Jann Horn [this message]
2018-10-12 18:23 ` Jann Horn
2018-10-12 18:23 ` Jann Horn
2018-10-12 18:23 ` Jann Horn
2018-10-11 23:31 ` [PATCH v2 2/7] x86/modules: Add rlimit checking for x86 modules Rick Edgecombe
2018-10-11 23:31 ` Rick Edgecombe
2018-10-11 23:31 ` Rick Edgecombe
2018-10-11 23:31 ` [PATCH v2 3/7] arm/modules: Add rlimit checking for arm modules Rick Edgecombe
2018-10-11 23:31 ` Rick Edgecombe
2018-10-11 23:31 ` Rick Edgecombe
2018-10-11 23:31 ` [PATCH v2 4/7] arm64/modules: Add rlimit checking for arm64 modules Rick Edgecombe
2018-10-11 23:31 ` Rick Edgecombe
2018-10-11 23:31 ` Rick Edgecombe
2018-10-11 23:47 ` Dave Hansen
2018-10-11 23:47 ` Dave Hansen
2018-10-11 23:47 ` Dave Hansen
2018-10-12 14:32 ` Jessica Yu
2018-10-12 14:32 ` Jessica Yu
2018-10-12 14:32 ` Jessica Yu
2018-10-12 22:01 ` Edgecombe, Rick P
2018-10-12 22:01 ` Edgecombe, Rick P
2018-10-12 22:01 ` Edgecombe, Rick P
2018-10-12 22:01 ` Edgecombe, Rick P
2018-10-12 22:01 ` Edgecombe, Rick P
2018-10-12 22:54 ` Edgecombe, Rick P
2018-10-12 22:54 ` Edgecombe, Rick P
2018-10-12 22:54 ` Edgecombe, Rick P
2018-10-12 22:54 ` Edgecombe, Rick P
2018-10-12 22:54 ` Edgecombe, Rick P
2018-10-11 23:31 ` [PATCH v2 5/7] mips/modules: Add rlimit checking for mips modules Rick Edgecombe
2018-10-11 23:31 ` Rick Edgecombe
2018-10-11 23:31 ` Rick Edgecombe
2018-10-11 23:31 ` [PATCH v2 6/7] sparc/modules: Add rlimit for sparc modules Rick Edgecombe
2018-10-11 23:31 ` Rick Edgecombe
2018-10-11 23:31 ` Rick Edgecombe
2018-10-11 23:31 ` [PATCH v2 7/7] s390/modules: Add rlimit checking for s390 modules Rick Edgecombe
2018-10-11 23:31 ` Rick Edgecombe
2018-10-11 23:31 ` Rick Edgecombe
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAG48ez0pPX7XNqSj4dVG1s+PaDBCh4ar5xw1WcY1sLBPV_QAzA@mail.gmail.com \
--to=jannh@google.com \
--cc=arjan@linux.intel.com \
--cc=arnd@arndb.de \
--cc=bp@alien8.de \
--cc=catalin.marinas@arm.com \
--cc=daniel@iogearbox.net \
--cc=dave.hansen@intel.com \
--cc=davem@davemloft.net \
--cc=deneen.t.dock@intel.com \
--cc=jeyu@kernel.org \
--cc=keescook@chromium.org \
--cc=kernel-hardening@lists.openwall.com \
--cc=kristen@linux.intel.com \
--cc=linux-arch@vger.kernel.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mips@linux-mips.org \
--cc=linux-s390@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=rick.p.edgecombe@intel.com \
--cc=sparclinux@vger.kernel.org \
--cc=tglx@linutronix.de \
--cc=will.deacon@arm.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.