|
Message-ID: <20110905203627.GL761@sun> Date: Tue, 6 Sep 2011 00:36:27 +0400 From: Cyrill Gorcunov <gorcunov@...il.com> To: Vasiliy Kulikov <segoon@...nwall.com> Cc: Andrew Morton <akpm@...ux-foundation.org>, "Kirill A. Shutemov" <kirill@...temov.name>, containers@...ts.osdl.org, linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org, Nathan Lynch <ntl@...ox.com>, kernel-hardening@...ts.openwall.com, Oren Laadan <orenl@...columbia.edu>, Daniel Lezcano <dlezcano@...ibm.com>, Glauber Costa <glommer@...allels.com>, James Bottomley <jbottomley@...allels.com>, Tejun Heo <tj@...nel.org>, Alexey Dobriyan <adobriyan@...il.com>, Al Viro <viro@...IV.linux.org.uk>, Pavel Emelyanov <xemul@...allels.com> Subject: Re: [patch 2/2] fs, proc: Introduce the /proc/<pid>/map_files/ directory v6 On Mon, Sep 05, 2011 at 11:49:08PM +0400, Vasiliy Kulikov wrote: ... > > Actually, it can be speed up by introducing the same ptrace check. If > ptrace check fails, then just drop the dentry, otherwise continue to use > it. Then each revalidate would trigger ptrace check instead of full > drop-lookup-alloc cycle. If one process actively looks into > map_files/ or fd/, it will not become significantly slower. However, it > will trigger 2 capable() fail alerts in ptrace_may_access() instead of > one :) Hmm, at least it's better than trashing dcache I think. > > But I still see one very nasty issue - one may trigger this ptrace check, > trigger d_drop() and then look at /proc/slabinfo at "dentry" row. If > the number has changed, then the interested dentry existed before the > revalidate call. This infoleak is tricky to fix without any race. > > Probably it's time to close /proc/slabinfo infoleak? > Actually I miss to see how exactly this infoleak can be used by attacker or whoever. So, Vasiliy, what the security issue there? Cyrill
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.