diff options
author | Stephen Wilson <wilsons@start.ca> | 2011-03-13 22:49:23 +0300 |
---|---|---|
committer | Al Viro <viro@zeniv.linux.org.uk> | 2011-03-23 23:36:59 +0300 |
commit | 8b0db9db19858b08c46a84540acfd35f6e6487b8 (patch) | |
tree | f8cad66b43b21ac8cc58c6173b86aaa9ee3d4b5f /Documentation/Intel-IOMMU.txt | |
parent | 18f661bcf898742212182d75f22f05b048cc04bb (diff) | |
download | linux-8b0db9db19858b08c46a84540acfd35f6e6487b8.tar.xz |
proc: make check_mem_permission() return an mm_struct on success
This change allows us to take advantage of access_remote_vm(), which in turn
eliminates a security issue with the mem_write() implementation.
The previous implementation of mem_write() was insecure since the target task
could exec a setuid-root binary between the permission check and the actual
write. Holding a reference to the target mm_struct eliminates this
vulnerability.
Signed-off-by: Stephen Wilson <wilsons@start.ca>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'Documentation/Intel-IOMMU.txt')
0 files changed, 0 insertions, 0 deletions