On 03/09/2015 04:08 PM, Eric W. Biederman wrote: > If the concern is to protect against root getting into the kernel the > "trusted_kernel" snake-oil just compile out the pagemap file. Nothing > else is remotely interesting from a mainenance point of view.
The paper I linked to showed one example of how pagemap makes a user->kernel exploint _easier_. Note that the authors had another way of actually doing the exploit when pagemap was not available, but it required some more trouble than if pagemap was around. I mentioned the "trusted_kernel" stuff as an aside. It's really not the main concern. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
