Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / 8b0db9db19858b08c46a84540acfd35f6e6487b8
commit8b0db9db19858b08c46a84540acfd35f6e6487b8[log] [tgz]
authorStephen Wilson <wilsons@start.ca>Sun Mar 13 15:49:23 2011 -0400
committerAl Viro <viro@zeniv.linux.org.uk>Wed Mar 23 16:36:59 2011 -0400
treef8cad66b43b21ac8cc58c6173b86aaa9ee3d4b5f
parent18f661bcf898742212182d75f22f05b048cc04bb [diff]
proc: make check_mem_permission() return an mm_struct on success

This change allows us to take advantage of access_remote_vm(), which in turn
eliminates a security issue with the mem_write() implementation.

The previous implementation of mem_write() was insecure since the target task
could exec a setuid-root binary between the permission check and the actual
write.  Holding a reference to the target mm_struct eliminates this
vulnerability.

Signed-off-by: Stephen Wilson <wilsons@start.ca>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
1 file changed
tree: f8cad66b43b21ac8cc58c6173b86aaa9ee3d4b5f
  1. arch/
  2. block/
  3. crypto/
  4. Documentation/
  5. drivers/
  6. firmware/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. mm/
  14. net/
  15. samples/
  16. scripts/
  17. security/
  18. sound/
  19. tools/
  20. usr/
  21. virt/
  22. .gitignore
  23. .mailmap
  24. COPYING
  25. CREDITS
  26. Kbuild
  27. Kconfig
  28. MAINTAINERS
  29. Makefile
  30. README
  31. REPORTING-BUGS