[RFC PATCH bpf-next seccomp 10/12] seccomp-ebpf: Add ability to read user memory
Alexei Starovoitov
alexei.starovoitov at gmail.com
Tue May 11 02:04:25 UTC 2021
On Mon, May 10, 2021 at 12:22:47PM -0500, YiFei Zhu wrote:
>
> +BPF_CALL_3(bpf_probe_read_user_dumpable, void *, dst, u32, size,
> + const void __user *, unsafe_ptr)
> +{
> + int ret = -EPERM;
> +
> + if (get_dumpable(current->mm))
> + ret = copy_from_user_nofault(dst, unsafe_ptr, size);
Could you explain a bit more how dumpable flag makes it safe for unpriv?
The unpriv prog is attached to the children tasks only, right?
and dumpable gets cleared if euid changes?
More information about the Linux-security-module-archive
mailing list