Re: [PATCH] loop: prevent get_user pages call from kernel thread(v2)

From: Andi Kleen
Date: Sun Jul 06 2008 - 07:42:01 EST


Dmitri Monakhov <dmonakhov@xxxxxxxxxx> writes:

> Yes... everybody knows that it is bad to write from a kernel thread, and it is
> madness to do it with O_DIRECT. But occasionally a file with the O_DIRECT flag
> may be passed to the loop device via LOOP_SET_FD. So if the file-system hasn't
> address_space ops, or simply hides it like GFS, it is possible to kill the kernel
> via a two-line program. In fact we can't effectively guard kernel space by
> denying O_DIRECT in loop's code, because user space can set it via
> fcntl(,F_SETFL,). Let's simply add sanity check mm related logic.

Wouldn't it be better if loop simply dup()ed the file descriptor
and then checked the flag? Presumably other fd flags could
do bad things inside loop too.

-Andi
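
The flag behaviour this exchange turns on, as an added example (not code from the thread or from the kernel): a status flag set with fcntl(F_SETFL) after a one-time check has passed is also seen through a dup()ed descriptor, because both descriptors refer to the same open file description. The helper names, the setup-time check and the scratch file under /tmp are assumptions made for the illustration; O_APPEND is included because some filesystems refuse O_DIRECT.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE            /* glibc exposes O_DIRECT only with this */
#endif
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

#if !defined(O_DIRECT) && defined(__O_DIRECT)
#define O_DIRECT __O_DIRECT    /* if fcntl.h was included before _GNU_SOURCE */
#endif

/* Hypothetical setup-time check: accept the descriptor only if `flag` is clear. */
static int check_at_setup(int fd, int flag)
{
    int fl = fcntl(fd, F_GETFL);
    return fl >= 0 && !(fl & flag);
}

/*
 * Returns 1 if `flag`, set through the caller's descriptor after the check
 * passed, is visible through the dup()ed copy, 0 if it is not, and -1 if
 * setup failed or the filesystem refused the flag.
 */
int flag_visible_through_dup(int flag)
{
    char path[] = "/tmp/setfl-demo-XXXXXX";   /* constructed scratch file */
    int result = -1;
    int user_fd = mkstemp(path);
    if (user_fd < 0)
        return -1;
    unlink(path);

    int held_fd = dup(user_fd);               /* the copy the consumer keeps */
    if (held_fd >= 0 && check_at_setup(held_fd, flag)) {
        int fl = fcntl(user_fd, F_GETFL);     /* later, on the caller's side */
        if (fl >= 0 && fcntl(user_fd, F_SETFL, fl | flag) == 0)
            result = (fcntl(held_fd, F_GETFL) & flag) ? 1 : 0;
    }
    if (held_fd >= 0)
        close(held_fd);
    close(user_fd);
    return result;
}

int main(void)
{
    printf("O_APPEND seen via dup: %d\n", flag_visible_through_dup(O_APPEND));
    printf("O_DIRECT seen via dup: %d\n", flag_visible_through_dup(O_DIRECT));
    return 0;
}
```

A result of -1 for O_DIRECT means the filesystem holding /tmp rejected the flag in F_SETFL, not that the flag is private to one descriptor.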
