From mboxrd@z Thu Jan 1 00:00:00 1970
From: Alexei Starovoitov
Subject: Re: [PATCH net-next] modules: allow modprobe load regular elf binaries
Date: Fri, 9 Mar 2018 17:43:12 -0800
Message-ID: <64a80f5e-25db-5413-ab50-fb122bc22d8c@fb.com>
References: <20180309181527.GA15803@kroah.com> <74e26cc0-9e72-f03b-5396-f3480921f234@fb.com> <20180309.135550.385837861865623769.davem@davemloft.net>
Mime-Version: 1.0
Content-Type: text/plain; charset="utf-8"; format=flowed
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
To: Andy Lutomirski, David Miller
Cc: Greg KH, Linus Torvalds, Kees Cook, Alexei Starovoitov, Djalal Harouni, Al Viro, Daniel Borkmann, "Luis R. Rodriguez", Network Development, LKML, kernel-team, Linux API
List-Id: linux-api@vger.kernel.org

On 3/9/18 11:37 AM, Andy Lutomirski wrote:
> On Fri, Mar 9, 2018 at 6:55 PM, David Miller wrote:
>> From: Alexei Starovoitov
>> Date: Fri, 9 Mar 2018 10:50:49 -0800
>>
>>> On 3/9/18 10:23 AM, Andy Lutomirski wrote:
>>>> It might not be totally crazy to back it by tmpfs.
>>>
>>> interesting. how do you propose to do it?
>>> Something like:
>>> - create /umh_module_tempxxx dir
>>> - mount tmpfs there
>>> - copy elf into it and exec it?
>>
>> I think the idea is that it's an internal tmpfs mount that only
>> the kernel has access to.
>
> That's what I was imagining. There's precedent. For example, there's
> a very short piece of code that does it in
> drivers/gpu/drm/i915/i915_gemfs.c.

I can do a "monkey see monkey do" approach, which will look like:

	type = get_fs_type("tmpfs");
	fs = kern_mount(type);

	/* for each request_umh("foo") */
	file = shmem_file_setup_with_mnt(fs, "umh_foo");
	do {
		pagecache_write_begin(file,...);
		memcpy()
		pagecache_write_end();
	} while (umh_elf_size);
	do_execve_file(file);
	fput(file);

while keeping fs mounted forever?
Is there a better way?
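
The copy step sketched above has a userspace analogue, shown here as an added example (not code from this thread or from the kernel tree): memfd_create() returns a file on the kernel's internal shmem mount, so a program can fill it page by page and confirm that it has no directory entry. The sealing step and the helper names shmem_blob_fd and check_blob are assumptions of this example, and nothing is executed.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/stat.h>
#include <unistd.h>

/* Copy blob into an unlinked shmem file one page at a time (the mail's
 * do/while loop), then seal it. Returns the fd, or -1 on error. */
int shmem_blob_fd(const unsigned char *blob, size_t len)
{
    int fd = memfd_create("umh_foo", MFD_CLOEXEC | MFD_ALLOW_SEALING);
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    if (fd < 0) return -1;
    for (size_t off = 0; off < len; ) {
        size_t n = len - off < page ? len - off : page;
        ssize_t w = write(fd, blob + off, n);
        if (w < 0 && errno == EINTR) continue;
        if (w <= 0) { close(fd); return -1; }
        off += (size_t)w;
    }
    /* Freeze size and contents so they cannot change after the copy. */
    if (fcntl(fd, F_ADD_SEALS, F_SEAL_WRITE | F_SEAL_SHRINK |
              F_SEAL_GROW | F_SEAL_SEAL) < 0) { close(fd); return -1; }
    return fd;
}

/* Returns 0 when the copy is intact, has no directory entry and is sealed. */
int check_blob(void)
{
    /* Constructed stand-in for an ELF image: 3 pages plus a partial one. */
    static unsigned char src[3 * 4096 + 123], back[sizeof(src)];
    struct stat st;
    int fd, rc = 0;
    for (size_t i = 0; i < sizeof(src); i++) src[i] = (unsigned char)(i * 31 + 7);
    if ((fd = shmem_blob_fd(src, sizeof(src))) < 0) return 1;
    if (fstat(fd, &st) < 0 || st.st_nlink != 0 || (size_t)st.st_size != sizeof(src))
        rc = 2; /* wrong size, or the file is linked into a directory */
    else if (pread(fd, back, sizeof(back), 0) != (ssize_t)sizeof(back) ||
             memcmp(src, back, sizeof(src)) != 0)
        rc = 3; /* contents differ from the source image */
    else if (pwrite(fd, "x", 1, 0) != -1 || errno != EPERM)
        rc = 4; /* a write after sealing must fail with EPERM */
    close(fd);
    return rc;
}

int main(void) { return check_blob(); }
```

Unlike the in-kernel file in the mail, a memfd stays reachable by the process that holds the descriptor, so this models the storage and the copy loop, not the kernel-only access.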