The definition I gave was "should be readable by ptrace", and so it works
if that's how you categorize all execute-only pages. But...
> [...], but I'm worried about someone adding other
> execute-only pages further down the road, not being aware that
> ptrace() would cause a potential security problem).
Given that concern, I'll agree with your assessment.
> For ia64, I think we really want to say: if it's accessing the gate
> page, allow reads. There is just no way we can infer that from
> looking at the PTE itself.
>
> Is there really a point in allowing other FIXMAP pages to be read via
> ptrace() on x86?
Currently, none are (because pte_user is only true of the vsyscall page).
For each individual arch, it seems reasonable enough to me to just have
special cases rather than testing the page tables. Rather than the code
now in #ifdef FIXADDR_START it could just call an arch_get_user_pages
function to check for magic user addresses without vmas.
Linus's suggested change is obviously the minimal change from what we have
now. But the arch_get_user_pages idea might be the more conservative
implementation compared to the status quo before my get_user_pages patch.
Thanks,
Roland
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/