On Mon, Aug 26, 2019 at 12:32:03PM +0300, Lev Olshvang wrote:
> I am in the process of developing a patch to restrict process ability to
> write to other process read-only patch.
>
> I have sent this patch to kernel-hardening list and waiting for comments
> (this is my first patch to kernel)
> https://www.openwall.com/lists/kernel-hardening/2019/08/24/1
>
> Meanwhile I started to explore idea of restricting process from writes to
> write enabled pages of another process vma.
>
> To my surprise (I am not such experienced) many processes, systemd-journal,
> Xorg, dbus-server, konsole were caught by highlighted if below, but system
> continues to WORK NORMALLY!
>
> Can somebody comment please?
>
> Here is the code snippet of function arch_vma_access_permitted()
>
> static inline bool arch_vma_access_permitted(struct vm_area_struct *vma,
>                 bool write, bool execute, bool foreign)
> {
>         /* Forbid write to PROT_READ pages of foreign process */
>         if (write && foreign && (!(vma->vm_flags & VM_WRITE)))
>                 return false;
>         /* Forbid write to write-enabled of foreign process */
>         if (current->mm && current->mm != vma->vm_mm) {
>                 if (current->in_execve) {
>                         return true;
>                 }
>
>                 pr_err("FOREIGN WRITE? current->mm != vma->vm_mm pid %d \n", current->pid);
>                 return false;
>         }
>
> _______________________________________________
> Kernelnewbies mailing list
> [email protected]
> https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies

Hi Lev,

You sent this email as an HTML email rather than plain text. The only thing that appears on my mutt mail client is a bunch of gibberish HTML. You should send mails to the mailing lists with a plain text client like mutt, thunderbird etc.

Thank you
Bharath
