Hi,
On Thu, 2024-10-24 at 21:52 +0800, Tiwei Bie wrote:
> On 2024/10/23 22:08, Benjamin Berg wrote:
> [...]
>
>
> It looks the memcpy could trigger a crash when UML_SECCOMP is
> enabled:
>
> [...]
>
> It can be fixed with changes like below on my machine:
>
> diff --git a/arch/um/include/shar
On 2024/10/23 22:08, Benjamin Berg wrote:
[...]
> diff --git a/arch/um/os-Linux/skas/process.c b/arch/um/os-Linux/skas/process.c
> index c663b67c3fd3..a29957e021f3 100644
> --- a/arch/um/os-Linux/skas/process.c
> +++ b/arch/um/os-Linux/skas/process.c
> @@ -16,6 +16,7 @@
> #include
> #include
>
From: Benjamin Berg
Instead of always sharing the FDs with the userspace process, only hand
over the FDs needed for mmap when required. The idea is that userspace
might be able to force the stub into executing an mmap syscall, however,
it will not be able to manipulate the control flow sufficient
