Re: [PATCH 2/2] Add a new sysctl knob: unprivileged_userfaultfd_user_mode_only

From: Andrea Arcangeli
Date: Wed May 20 2020 - 17:16:52 EST


On Wed, May 20, 2020 at 01:17:20PM -0700, Lokesh Gidra wrote:
> Adding the Android kernel team in the discussion.

Unless I'm mistaken that you can already enforce bit 1 of the second
parameter of the userfaultfd syscall to be set with seccomp-bpf, this
would be more a question to the Android userland team.

The question would be: does it ever happen that a seccomp filter isn't
already applied to unprivileged software running without
SYS_CAP_PTRACE capability?

If the answer is "no" the behavior of the new sysctl in patch 2/2 (in
subject) should be enforceable with minor changes to the BPF
assembly. Otherwise it'd require more changes.

Thanks!
Andrea
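
The kind of seccomp-bpf argument check the message refers to, as an added example that is not part of the original e-mail or the patch series. It assumes the mode bit is mask 1 of syscall argument 0 (the value mainline's linux/userfaultfd.h gives UFFD_USER_MODE_ONLY) and a little-endian x86-64 or arm64 build; `uffd_filter`, `uffd_filter_eval`, `NATIVE_ARCH`, `UFFD_ARG` and `UFFD_MASK` are hypothetical names.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <sys/syscall.h>

#ifdef __aarch64__
#define NATIVE_ARCH AUDIT_ARCH_AARCH64
#else
#define NATIVE_ARCH AUDIT_ARCH_X86_64
#endif
/* Assumed here, not taken from the thread: mask 1 of argument 0 (low word). */
#define UFFD_ARG  0
#define UFFD_MASK 1u
#define LD(off) BPF_STMT(BPF_LD | BPF_W | BPF_ABS, (off))
#define RET(v)  BPF_STMT(BPF_RET | BPF_K, (v))

static const struct sock_filter uffd_filter[] = {
    LD(offsetof(struct seccomp_data, arch)),
    BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, NATIVE_ARCH, 1, 0),
    RET(SECCOMP_RET_KILL_PROCESS),      /* foreign ABI: numbers differ */
    LD(offsetof(struct seccomp_data, nr)),
    BPF_JUMP(BPF_JMP | BPF_JGE | BPF_K, 0x40000000, 0, 1),
    RET(SECCOMP_RET_KILL_PROCESS),      /* x32 numbers (x86-64) would miss the JEQ */
    BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_userfaultfd, 0, 3),
    LD(offsetof(struct seccomp_data, args) + 8 * UFFD_ARG),
    BPF_JUMP(BPF_JMP | BPF_JSET | BPF_K, UFFD_MASK, 1, 0),
    RET(SECCOMP_RET_ERRNO | EPERM),     /* userfaultfd without the bit */
    RET(SECCOMP_RET_ALLOW),             /* bit set, or any other syscall */
};

/* Dry-run the filter on a constructed seccomp_data (only the opcodes used above). */
uint32_t uffd_filter_eval(const struct seccomp_data *d)
{
    uint32_t a = 0;
    for (size_t pc = 0; pc < sizeof uffd_filter / sizeof *uffd_filter; pc++) {
        const struct sock_filter *i = &uffd_filter[pc];
        switch (i->code) {
        case BPF_LD | BPF_W | BPF_ABS: memcpy(&a, (const char *)d + i->k, 4); break;
        case BPF_JMP | BPF_JEQ | BPF_K: pc += (a == i->k) ? i->jt : i->jf; break;
        case BPF_JMP | BPF_JGE | BPF_K: pc += (a >= i->k) ? i->jt : i->jf; break;
        case BPF_JMP | BPF_JSET | BPF_K: pc += (a & i->k) ? i->jt : i->jf; break;
        case BPF_RET | BPF_K: return i->k;
        }
    }
    return SECCOMP_RET_KILL_PROCESS;
}
```

To enforce the policy, hand `uffd_filter` to the kernel in a `struct sock_fprog` via `prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, ...)` after `prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0)`.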