proc: make check_mem_permission() return an mm_struct on success - blaster4385/linux-IllusionX - Linux kernel with personal config changes for arch linux

diff options

author	Stephen Wilson <[email protected]>	2011-03-13 15:49:23 -0400
committer	Al Viro <[email protected]>	2011-03-23 16:36:59 -0400
commit	8b0db9db19858b08c46a84540acfd35f6e6487b8 (patch)
tree	f8cad66b43b21ac8cc58c6173b86aaa9ee3d4b5f /tools/perf/scripts/python/net_dropmonitor.py
parent	18f661bcf898742212182d75f22f05b048cc04bb (diff)

proc: make check_mem_permission() return an mm_struct on success

This change allows us to take advantage of access_remote_vm(), which in turn eliminates a security issue with the mem_write() implementation. The previous implementation of mem_write() was insecure since the target task could exec a setuid-root binary between the permission check and the actual write. Holding a reference to the target mm_struct eliminates this vulnerability. Signed-off-by: Stephen Wilson <[email protected]> Signed-off-by: Al Viro <[email protected]>

Diffstat (limited to 'tools/perf/scripts/python/net_dropmonitor.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: