| Message ID | 20210527001150.38562-1-cascardo@canonical.com |
|---|---|
| Headers | show |
| Series | CVE-2021-3489 fixups | expand |
Acked-by: Tim Gardner <tim.gardner@canonical.com> On 5/26/21 6:11 PM, Thadeu Lima de Souza Cascardo wrote: > We ended up applying a version of the fix that had a bug that prevents the > mapping from being mprotect(PROT_WRITE). > > We revert our version of the fix and apply the upstream version. > > This was tested against reproducers for the original issue. Also tested by > doing mprotect(PROT_READ) followed with mprotect(PROT_WRITE), which fails > without this change. It works fine with this patchset. > > Andrii Nakryiko (1): > bpf: Prevent writable memory-mapping of read-only ringbuf pages > > Thadeu Lima de Souza Cascardo (1): > UBUNTU: SAUCE: Revert "UBUNTU: SAUCE: bpf: prevent writable > memory-mapping of read-only ringbuf pages" > > kernel/bpf/ringbuf.c | 8 ++++---- > 1 file changed, 4 insertions(+), 4 deletions(-) >
On 27.05.21 02:11, Thadeu Lima de Souza Cascardo wrote: > We ended up applying a version of the fix that had a bug that prevents the > mapping from being mprotect(PROT_WRITE). > > We revert our version of the fix and apply the upstream version. > > This was tested against reproducers for the original issue. Also tested by > doing mprotect(PROT_READ) followed with mprotect(PROT_WRITE), which fails > without this change. It works fine with this patchset. > > Andrii Nakryiko (1): > bpf: Prevent writable memory-mapping of read-only ringbuf pages > > Thadeu Lima de Souza Cascardo (1): > UBUNTU: SAUCE: Revert "UBUNTU: SAUCE: bpf: prevent writable > memory-mapping of read-only ringbuf pages" > > kernel/bpf/ringbuf.c | 8 ++++---- > 1 file changed, 4 insertions(+), 4 deletions(-) > Acked-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com> Thanks
On 27.05.21 02:11, Thadeu Lima de Souza Cascardo wrote: > We ended up applying a version of the fix that had a bug that prevents the > mapping from being mprotect(PROT_WRITE). > > We revert our version of the fix and apply the upstream version. > > This was tested against reproducers for the original issue. Also tested by > doing mprotect(PROT_READ) followed with mprotect(PROT_WRITE), which fails > without this change. It works fine with this patchset. > > Andrii Nakryiko (1): > bpf: Prevent writable memory-mapping of read-only ringbuf pages > > Thadeu Lima de Souza Cascardo (1): > UBUNTU: SAUCE: Revert "UBUNTU: SAUCE: bpf: prevent writable > memory-mapping of read-only ringbuf pages" > > kernel/bpf/ringbuf.c | 8 ++++---- > 1 file changed, 4 insertions(+), 4 deletions(-) > Applied to [groovy/hirsute]:linux. Thanks, Kleber
On 27.5.2021 3.11, Thadeu Lima de Souza Cascardo wrote: > We ended up applying a version of the fix that had a bug that prevents the > mapping from being mprotect(PROT_WRITE). > > We revert our version of the fix and apply the upstream version. > > This was tested against reproducers for the original issue. Also tested by > doing mprotect(PROT_READ) followed with mprotect(PROT_WRITE), which fails > without this change. It works fine with this patchset. > > Andrii Nakryiko (1): > bpf: Prevent writable memory-mapping of read-only ringbuf pages > > Thadeu Lima de Souza Cascardo (1): > UBUNTU: SAUCE: Revert "UBUNTU: SAUCE: bpf: prevent writable > memory-mapping of read-only ringbuf pages" > > kernel/bpf/ringbuf.c | 8 ++++---- > 1 file changed, 4 insertions(+), 4 deletions(-) >
We ended up applying a version of the fix that had a bug that prevents the mapping from being mprotect(PROT_WRITE). We revert our version of the fix and apply the upstream version. This was tested against reproducers for the original issue. Also tested by doing mprotect(PROT_READ) followed with mprotect(PROT_WRITE), which fails without this change. It works fine with this patchset. Andrii Nakryiko (1): bpf: Prevent writable memory-mapping of read-only ringbuf pages Thadeu Lima de Souza Cascardo (1): UBUNTU: SAUCE: Revert "UBUNTU: SAUCE: bpf: prevent writable memory-mapping of read-only ringbuf pages" kernel/bpf/ringbuf.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-)