• Dave Hansen's avatar
    mm/core: Do not enforce PKEY permissions on remote mm access · 1b2ee126
    Dave Hansen authored
    We try to enforce protection keys in software the same way that we
    do in hardware.  (See long example below).
    But, we only want to do this when accessing our *own* process's
    memory.  If GDB set PKRU[6].AD=1 (disable access to PKEY 6), then
    tried to PTRACE_POKE a target process which just happened to have
    some mprotect_pkey(pkey=6) memory, we do *not* want to deny the
    debugger access to that memory.  PKRU is fundamentally a
    thread-local structure and we do not want to enforce it on access
    to _another_ thread's data.
    This gets especially tricky when we have workqueues or other
    delayed-work mechanisms that might run in a random process's context.
    We can check that we only enforce pkeys when operating on our *own* mm,
    but delayed work gets performed when a random user context is active.
    We might end up with a situation where a delayed-work gup fails when
    running randomly under its "own" task but succeeds when running under
    another process.  We wan...
gup.c 43.7 KB