Re: Questions regarding Linux swapping.

Christopher W. Boyd (cboyd@pobox.com)
Wed, 04 Aug 1999 11:35:19 -0500

At 10:05 AM 8/2/99 -0500, you wrote:
>Actually, I've been looking for a way to lock down chunks of user >memory
from within the driver I'm writing without the permission
>check in mlock. Is there a clean, exported interface to this? Or
>perhaps it would be enough to set some bit in the page tables (other >than
the dreaded reserved bit -- that would probably trash the user >program
anyway). The kernel code to do this did not seem to make
>much sense, but I'm no expert in the memory subsystem. Thanks!

You can always look mlock/munlock up manually in the sys_call_table, but
the kernel code has to run within the context of a task AND run with
euid==0 (setuid root or as root user). This seems to be annoying and to
open up many security holes (I'm paranoid about setuid root programs).

A new kernel interface which either 1) allowed a user to have X
pages at most per user locked, or that 2) allowed X pages for all non root
users at most to be locked would be a feasible solution to this, instead of
having to have euid==0. It seems that not limiting users with m(un)lock
could probably be used for some sort of DoS attack
(lock a bunch of useless junk into memory so nothing else can get
memory to run ...). Either 1) or 2) would limit this, and
do so without adding security issues. Whatever is implemented, there
should be a fixed amount of unlockable memory so things can
swapped in to be ran.

Anyhow, below is a snippet of how I actually looked mlock/munlock up
in kernel space. I use it in a driver that I have, to do dma to user space
(with a busmaster pci card based using the AMC S5933 chip).

----------8<---------------8<--------------------

#include <asm/unistd.h>

typedef int (*mlock_t)(unsigned long start, size_t len);
typedef int (*munlock_t)(unsigned long start, size_t len);

extern void *sys_call_table;

static mlock_t mlock;
static munlock_t munlock;

/*
* figure out addresses for mlock and munlock (e.g. sys_mlock
* and sys_unlock functions), as they're not exported, and we'll
* need them later.
*/

mlock = ((mlock_t *) &sys_call_table)[__NR_mlock];
munlock = ((munlock_t *) &sys_call_table)[__NR_munlock];

----------8<---------------8<--------------------

Regards,
Christopher Boyd

---
Chrisotopher W. Boyd <cboyd@pobox.com>
Web Page: http://www.pobox.com/~cboyd/
University of Texas at Austin
PGP Key ID 0x18037059
ICQ UIN# 13185314
My views don't necessarily reflect those of anybody else.






-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/