Re: Security fix for remapping of page 0 (was [PATCH] Change ZERO_SIZE_PTR to point at unmapped space)

From: Rik van Riel
Date: Wed Jun 03 2009 - 12:37:47 EST


Larry H. wrote:

> Christopher, crippling the system is truly not the way to fix this.
> There are many legitimate users of private|fixed mappings at 0. In
> addition, if you want to go ahead and break POSIX, at least make sure
> your patch closes the loophole.

I suspect there aren't many at all, and restricting them through
SELinux may be enough to mitigate the risk.

> If SELinux isn't present, that's not useful. If mmap_min_addr is
> enabled, that still won't solve what my original, utterly simple patch
> fixes.

Would anybody paranoid run their system without SELinux?

> The patch provides a no-impact, clean solution to prevent kmalloc(0)
> situations from becoming a security hazard. Nothing else.

True, the changes in your patch only affect a few code paths.

--
All rights reversed.