On 09/20/16 18:07, H. Peter Anvin wrote:
>> - vvar is highly magical. IMO letting it get mapped with VM_MAYWRITE
>> is asking for trouble, as anything that writes it will COW it, leading
>> to strange malfunctions.
The vvar page obviously needs to be mapped MAP_SHARED, and the
underlying file needs to reject writes. A solution where this area
doesn't end up MAP_SHARED is obviously defective.
As far as keeping the user from doing really stupid things... they can
map a RAM page over the vvar area and there is nothing the kernel really
can do to keep them from doing something like that without doing things
that are probably way worse than the disease. At least it will be
obvious looking at the mapping file what is going on.