From: Andrea Arcangeli <aarcange@redhat.com>
To: Lokesh Gidra <lokeshgidra@google.com>
Cc: Kees Cook <keescook@chromium.org>,
Jonathan Corbet <corbet@lwn.net>, Peter Xu <peterx@redhat.com>,
Sebastian Andrzej Siewior <bigeasy@linutronix.de>,
Andrew Morton <akpm@linux-foundation.org>,
Alexander Viro <viro@zeniv.linux.org.uk>,
Stephen Smalley <stephen.smalley.work@gmail.com>,
Eric Biggers <ebiggers@kernel.org>,
Daniel Colascione <dancol@dancol.org>,
"Joel Fernandes (Google)" <joel@joelfernandes.org>,
linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-doc@vger.kernel.org, kaleshsingh@google.com,
calin@google.com, surenb@google.com, nnk@google.com,
jeffv@google.com, kernel-team@android.com,
Mike Rapoport <rppt@linux.vnet.ibm.com>, Shaohua Li <shli@fb.com>,
Jerome Glisse <jglisse@redhat.com>,
Mauro Carvalho Chehab <mchehab+huawei@kernel.org>,
Johannes Weiner <hannes@cmpxchg.org>,
Mel Gorman <mgorman@techsingularity.net>,
Nitin Gupta <nigupta@nvidia.com>,
Vlastimil Babka <vbabka@suse.cz>,
Iurii Zaikin <yzaikin@google.com>,
Luis Chamberlain <mcgrof@kernel.org>,
Daniel Colascione <dancol@google.com>
Subject: Re: [PATCH v5 1/2] Add UFFD_USER_MODE_ONLY
Date: Fri, 23 Oct 2020 22:08:43 -0400 [thread overview]
Message-ID: <20201024020843.GB19707@redhat.com> (raw)
In-Reply-To: <20201011062456.4065576-2-lokeshgidra@google.com>
On Sat, Oct 10, 2020 at 11:24:55PM -0700, Lokesh Gidra wrote:
> userfaultfd handles page faults from both user and kernel code.
> Add a new UFFD_USER_MODE_ONLY flag for userfaultfd(2) that makes
> the resulting userfaultfd object refuse to handle faults from kernel
> mode, treating these faults as if SIGBUS were always raised, causing
> the kernel code to fail with EFAULT.
>
> A future patch adds a knob allowing administrators to give some
> processes the ability to create userfaultfd file objects only if they
> pass UFFD_USER_MODE_ONLY, reducing the likelihood that these processes
> will exploit userfaultfd's ability to delay kernel page faults to open
> timing windows for future exploits.
>
> Signed-off-by: Daniel Colascione <dancol@google.com>
> Signed-off-by: Lokesh Gidra <lokeshgidra@google.com>
Reviewed-by: Andrea Arcangeli <aarcange@redhat.com>
next prev parent reply other threads:[~2020-10-24 2:08 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-10-11 6:24 [PATCH v5 0/2] Control over userfaultfd kernel-fault handling Lokesh Gidra
2020-10-11 6:24 ` [PATCH v5 1/2] Add UFFD_USER_MODE_ONLY Lokesh Gidra
2020-10-24 2:08 ` Andrea Arcangeli [this message]
2020-10-11 6:24 ` [PATCH v5 2/2] Add user-mode only option to unprivileged_userfaultfd sysctl knob Lokesh Gidra
2020-10-24 2:48 ` Andrea Arcangeli
2020-10-24 4:08 ` Lokesh Gidra
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201024020843.GB19707@redhat.com \
--to=aarcange@redhat.com \
--cc=akpm@linux-foundation.org \
--cc=bigeasy@linutronix.de \
--cc=calin@google.com \
--cc=corbet@lwn.net \
--cc=dancol@dancol.org \
--cc=dancol@google.com \
--cc=ebiggers@kernel.org \
--cc=hannes@cmpxchg.org \
--cc=jeffv@google.com \
--cc=jglisse@redhat.com \
--cc=joel@joelfernandes.org \
--cc=kaleshsingh@google.com \
--cc=keescook@chromium.org \
--cc=kernel-team@android.com \
--cc=linux-doc@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=lokeshgidra@google.com \
--cc=mcgrof@kernel.org \
--cc=mchehab+huawei@kernel.org \
--cc=mgorman@techsingularity.net \
--cc=nigupta@nvidia.com \
--cc=nnk@google.com \
--cc=peterx@redhat.com \
--cc=rppt@linux.vnet.ibm.com \
--cc=shli@fb.com \
--cc=stephen.smalley.work@gmail.com \
--cc=surenb@google.com \
--cc=vbabka@suse.cz \
--cc=viro@zeniv.linux.org.uk \
--cc=yzaikin@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.