Re: [PATCH v2 1/1] mm/madvise: replace ptrace attach requirement for process_madvise

2021-03-03 Thread Suren Baghdasaryan
On Tue, Mar 2, 2021 at 4:19 PM Suren Baghdasaryan wrote: > > On Tue, Mar 2, 2021 at 4:17 PM Andrew Morton > wrote: > > > > On Tue, 2 Mar 2021 15:53:39 -0800 Suren Baghdasaryan > > wrote: > > > > > Hi Andrew, > > > A friendly reminder to please include this patch into mm tree. > > > There seem

Re: [PATCH v2 1/1] mm/madvise: replace ptrace attach requirement for process_madvise

2021-03-03 Thread Suren Baghdasaryan
On Tue, Mar 2, 2021 at 4:17 PM Andrew Morton wrote: > > On Tue, 2 Mar 2021 15:53:39 -0800 Suren Baghdasaryan > wrote: > > > Hi Andrew, > > A friendly reminder to please include this patch into mm tree. > > There seem to be no more questions or objections. > > The man page you requested is

Re: [PATCH v2 1/1] mm/madvise: replace ptrace attach requirement for process_madvise

2021-03-03 Thread Andrew Morton
On Tue, 2 Mar 2021 15:53:39 -0800 Suren Baghdasaryan wrote: > Hi Andrew, > A friendly reminder to please include this patch into mm tree. > There seem to be no more questions or objections. > The man page you requested is accepted here: >

Re: [PATCH v2 1/1] mm/madvise: replace ptrace attach requirement for process_madvise

2021-03-03 Thread Suren Baghdasaryan
On Mon, Feb 1, 2021 at 9:34 PM Suren Baghdasaryan wrote: > > On Thu, Jan 28, 2021 at 11:08 PM Suren Baghdasaryan wrote: > > > > On Thu, Jan 28, 2021 at 11:51 AM Suren Baghdasaryan > > wrote: > > > > > > On Tue, Jan 26, 2021 at 5:52 AM 'Michal Hocko' via kernel-team > > > wrote: > > > > > > >

Re: [PATCH v2 1/1] mm/madvise: replace ptrace attach requirement for process_madvise

2021-02-01 Thread Suren Baghdasaryan
On Thu, Jan 28, 2021 at 11:08 PM Suren Baghdasaryan wrote: > > On Thu, Jan 28, 2021 at 11:51 AM Suren Baghdasaryan wrote: > > > > On Tue, Jan 26, 2021 at 5:52 AM 'Michal Hocko' via kernel-team > > wrote: > > > > > > On Wed 20-01-21 14:17:39, Jann Horn wrote: > > > > On Wed, Jan 13, 2021 at 3:22

Re: [PATCH v2 1/1] mm/madvise: replace ptrace attach requirement for process_madvise

2021-01-28 Thread Suren Baghdasaryan
On Thu, Jan 28, 2021 at 11:51 AM Suren Baghdasaryan wrote: > > On Tue, Jan 26, 2021 at 5:52 AM 'Michal Hocko' via kernel-team > wrote: > > > > On Wed 20-01-21 14:17:39, Jann Horn wrote: > > > On Wed, Jan 13, 2021 at 3:22 PM Michal Hocko wrote: > > > > On Tue 12-01-21 09:51:24, Suren

Re: [PATCH v2 1/1] mm/madvise: replace ptrace attach requirement for process_madvise

2021-01-28 Thread Suren Baghdasaryan
On Tue, Jan 26, 2021 at 5:52 AM 'Michal Hocko' via kernel-team wrote: > > On Wed 20-01-21 14:17:39, Jann Horn wrote: > > On Wed, Jan 13, 2021 at 3:22 PM Michal Hocko wrote: > > > On Tue 12-01-21 09:51:24, Suren Baghdasaryan wrote: > > > > On Tue, Jan 12, 2021 at 9:45 AM Oleg Nesterov wrote: > >

Re: [PATCH v2 1/1] mm/madvise: replace ptrace attach requirement for process_madvise

2021-01-26 Thread Michal Hocko
On Wed 20-01-21 14:17:39, Jann Horn wrote: > On Wed, Jan 13, 2021 at 3:22 PM Michal Hocko wrote: > > On Tue 12-01-21 09:51:24, Suren Baghdasaryan wrote: > > > On Tue, Jan 12, 2021 at 9:45 AM Oleg Nesterov wrote: > > > > > > > > On 01/12, Michal Hocko wrote: > > > > > > > > > > On Mon 11-01-21

Re: [PATCH v2 1/1] mm/madvise: replace ptrace attach requirement for process_madvise

2021-01-20 Thread Suren Baghdasaryan
On Wed, Jan 20, 2021 at 8:57 AM Suren Baghdasaryan wrote: > > On Wed, Jan 20, 2021 at 5:18 AM Jann Horn wrote: > > > > On Wed, Jan 13, 2021 at 3:22 PM Michal Hocko wrote: > > > On Tue 12-01-21 09:51:24, Suren Baghdasaryan wrote: > > > > On Tue, Jan 12, 2021 at 9:45 AM Oleg Nesterov wrote: > >

Re: [PATCH v2 1/1] mm/madvise: replace ptrace attach requirement for process_madvise

2021-01-20 Thread Suren Baghdasaryan
On Wed, Jan 20, 2021 at 5:18 AM Jann Horn wrote: > > On Wed, Jan 13, 2021 at 3:22 PM Michal Hocko wrote: > > On Tue 12-01-21 09:51:24, Suren Baghdasaryan wrote: > > > On Tue, Jan 12, 2021 at 9:45 AM Oleg Nesterov wrote: > > > > > > > > On 01/12, Michal Hocko wrote: > > > > > > > > > > On Mon

Re: [PATCH v2 1/1] mm/madvise: replace ptrace attach requirement for process_madvise

2021-01-20 Thread Suren Baghdasaryan
On Tue, Jan 19, 2021 at 9:02 PM James Morris wrote: > > On Mon, 11 Jan 2021, Suren Baghdasaryan wrote: > > > Replace PTRACE_MODE_ATTACH with a combination of PTRACE_MODE_READ > > and CAP_SYS_NICE. PTRACE_MODE_READ to prevent leaking ASLR metadata > > and CAP_SYS_NICE for influencing process

Re: [PATCH v2 1/1] mm/madvise: replace ptrace attach requirement for process_madvise

2021-01-20 Thread Jann Horn
On Wed, Jan 13, 2021 at 3:22 PM Michal Hocko wrote: > On Tue 12-01-21 09:51:24, Suren Baghdasaryan wrote: > > On Tue, Jan 12, 2021 at 9:45 AM Oleg Nesterov wrote: > > > > > > On 01/12, Michal Hocko wrote: > > > > > > > > On Mon 11-01-21 09:06:22, Suren Baghdasaryan wrote: > > > > > > > > > What

Re: [PATCH v2 1/1] mm/madvise: replace ptrace attach requirement for process_madvise

2021-01-19 Thread James Morris
On Mon, 11 Jan 2021, Suren Baghdasaryan wrote:
> Replace PTRACE_MODE_ATTACH with a combination of PTRACE_MODE_READ
> and CAP_SYS_NICE. PTRACE_MODE_READ to prevent leaking ASLR metadata
> and CAP_SYS_NICE for influencing process performance.
Almost missed these -- please cc the LSM mailing list

Re: [PATCH v2 1/1] mm/madvise: replace ptrace attach requirement for process_madvise

2021-01-13 Thread Suren Baghdasaryan
On Wed, Jan 13, 2021 at 6:22 AM Michal Hocko wrote: > > On Tue 12-01-21 09:51:24, Suren Baghdasaryan wrote: > > On Tue, Jan 12, 2021 at 9:45 AM Oleg Nesterov wrote: > > > > > > On 01/12, Michal Hocko wrote: > > > > > > > > On Mon 11-01-21 09:06:22, Suren Baghdasaryan wrote: > > > > > > > > >

Re: [PATCH v2 1/1] mm/madvise: replace ptrace attach requirement for process_madvise

2021-01-13 Thread Michal Hocko
On Tue 12-01-21 09:51:24, Suren Baghdasaryan wrote: > On Tue, Jan 12, 2021 at 9:45 AM Oleg Nesterov wrote: > > > > On 01/12, Michal Hocko wrote: > > > > > > On Mon 11-01-21 09:06:22, Suren Baghdasaryan wrote: > > > > > > > What we want is the ability for one process to influence another process >

Re: [PATCH v2 1/1] mm/madvise: replace ptrace attach requirement for process_madvise

2021-01-13 Thread Michal Hocko
On Tue 12-01-21 10:12:03, Suren Baghdasaryan wrote: > On Mon, Jan 11, 2021 at 11:46 PM Michal Hocko wrote: > > > > On Mon 11-01-21 09:06:22, Suren Baghdasaryan wrote: > > > process_madvise currently requires ptrace attach capability. > > > PTRACE_MODE_ATTACH gives one process complete control

Re: [PATCH v2 1/1] mm/madvise: replace ptrace attach requirement for process_madvise

2021-01-12 Thread Suren Baghdasaryan
On Mon, Jan 11, 2021 at 11:46 PM Michal Hocko wrote: > > On Mon 11-01-21 09:06:22, Suren Baghdasaryan wrote: > > process_madvise currently requires ptrace attach capability. > > PTRACE_MODE_ATTACH gives one process complete control over another > > process. It effectively removes the security

Re: [PATCH v2 1/1] mm/madvise: replace ptrace attach requirement for process_madvise

2021-01-12 Thread Suren Baghdasaryan
On Tue, Jan 12, 2021 at 9:45 AM Oleg Nesterov wrote: > > On 01/12, Michal Hocko wrote: > > > > On Mon 11-01-21 09:06:22, Suren Baghdasaryan wrote: > > > > > What we want is the ability for one process to influence another process > > > in order to optimize performance across the entire system

Re: [PATCH v2 1/1] mm/madvise: replace ptrace attach requirement for process_madvise

2021-01-12 Thread Oleg Nesterov
On 01/12, Michal Hocko wrote: > > On Mon 11-01-21 09:06:22, Suren Baghdasaryan wrote: > > > What we want is the ability for one process to influence another process > > in order to optimize performance across the entire system while leaving > > the security boundary intact. > > Replace

Re: [PATCH v2 1/1] mm/madvise: replace ptrace attach requirement for process_madvise

2021-01-12 Thread Suren Baghdasaryan
On Mon, Jan 11, 2021 at 5:22 PM Andrew Morton wrote: > > On Mon, 11 Jan 2021 09:06:22 -0800 Suren Baghdasaryan > wrote: > > > process_madvise currently requires ptrace attach capability. > > PTRACE_MODE_ATTACH gives one process complete control over another > > process. It effectively removes

Re: [PATCH v2 1/1] mm/madvise: replace ptrace attach requirement for process_madvise

2021-01-11 Thread Michal Hocko
On Mon 11-01-21 09:06:22, Suren Baghdasaryan wrote: > process_madvise currently requires ptrace attach capability. > PTRACE_MODE_ATTACH gives one process complete control over another > process. It effectively removes the security boundary between the > two processes (in one direction). Granting

Re: [PATCH v2 1/1] mm/madvise: replace ptrace attach requirement for process_madvise

2021-01-11 Thread Andrew Morton
On Mon, 11 Jan 2021 09:06:22 -0800 Suren Baghdasaryan wrote: > process_madvise currently requires ptrace attach capability. > PTRACE_MODE_ATTACH gives one process complete control over another > process. It effectively removes the security boundary between the > two processes (in one direction).

Re: [PATCH v2 1/1] mm/madvise: replace ptrace attach requirement for process_madvise

2021-01-11 Thread Kees Cook
On Mon, Jan 11, 2021 at 09:06:22AM -0800, Suren Baghdasaryan wrote: > process_madvise currently requires ptrace attach capability. > PTRACE_MODE_ATTACH gives one process complete control over another > process. It effectively removes the security boundary between the > two processes (in one

[PATCH v2 1/1] mm/madvise: replace ptrace attach requirement for process_madvise

2021-01-11 Thread Suren Baghdasaryan
process_madvise currently requires ptrace attach capability. PTRACE_MODE_ATTACH gives one process complete control over another process. It effectively removes the security boundary between the two processes (in one direction). Granting ptrace attach capability even to a system process is