proc: make check_mem_permission() return an mm_struct on success - linux-dev - Linux kernel development work

diff options

author	Stephen Wilson <wilsons@start.ca>	2011-03-13 15:49:23 -0400
committer	Al Viro <viro@zeniv.linux.org.uk>	2011-03-23 16:36:59 -0400
commit	8b0db9db19858b08c46a84540acfd35f6e6487b8 (patch)
tree	f8cad66b43b21ac8cc58c6173b86aaa9ee3d4b5f /tools/perf/scripts/python
parent	proc: hold cred_guard_mutex in check_mem_permission() (diff)
download	linux-dev-8b0db9db19858b08c46a84540acfd35f6e6487b8.tar.xz linux-dev-8b0db9db19858b08c46a84540acfd35f6e6487b8.zip

proc: make check_mem_permission() return an mm_struct on success

This change allows us to take advantage of access_remote_vm(), which in turn eliminates a security issue with the mem_write() implementation. The previous implementation of mem_write() was insecure since the target task could exec a setuid-root binary between the permission check and the actual write. Holding a reference to the target mm_struct eliminates this vulnerability. Signed-off-by: Stephen Wilson <wilsons@start.ca> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

Diffstat (limited to 'tools/perf/scripts/python')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: