From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-3.8 required=3.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 340A1C433DB for ; Wed, 20 Jan 2021 05:02:07 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id 04DCC221E3 for ; Wed, 20 Jan 2021 05:02:05 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 04DCC221E3 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=namei.org Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id 3ED026B000A; Wed, 20 Jan 2021 00:02:05 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 39D5F6B000C; Wed, 20 Jan 2021 00:02:05 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 28B986B000D; Wed, 20 Jan 2021 00:02:05 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0117.hostedemail.com [216.40.44.117]) by kanga.kvack.org (Postfix) with ESMTP id 12F5A6B000A for ; Wed, 20 Jan 2021 00:02:05 -0500 (EST) Received: from smtpin15.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay02.hostedemail.com (Postfix) with ESMTP id CFB4A364D for ; Wed, 20 Jan 2021 05:02:04 +0000 (UTC) X-FDA: 77724956568.15.skate55_2d0a40927557 Received: from filter.hostedemail.com (10.5.16.251.rfc1918.com [10.5.16.251]) by smtpin15.hostedemail.com (Postfix) with ESMTP id AB12D1814B0C7 for ; Wed, 20 Jan 2021 05:02:04 +0000 (UTC) X-HE-Tag: skate55_2d0a40927557 X-Filterd-Recvd-Size: 1643 Received: from mail.namei.org (namei.org [65.99.196.166]) by imf37.hostedemail.com (Postfix) with ESMTP for ; Wed, 20 Jan 2021 05:02:04 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.namei.org (Postfix) with ESMTPS id 964A8751; Wed, 20 Jan 2021 05:01:13 +0000 (UTC) Date: Wed, 20 Jan 2021 16:01:13 +1100 (AEDT) From: James Morris To: Suren Baghdasaryan cc: Andrew Morton , jannh@google.com, Kees Cook , jeffv@google.com, minchan@kernel.org, mhocko@suse.com, shakeelb@google.com, rientjes@google.com, edgararriaga@google.com, timmurray@google.com, linux-mm@kvack.org, selinux@vger.kernel.org, linux-api@vger.kernel.org, linux-kernel@vger.kernel.org, kernel-team@android.com, linux-security-module@vger.kernel.org Subject: Re: [PATCH v2 1/1] mm/madvise: replace ptrace attach requirement for process_madvise In-Reply-To: <20210111170622.2613577-1-surenb@google.com> Message-ID: References: <20210111170622.2613577-1-surenb@google.com> MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII X-Bogosity: Ham, tests=bogofilter, spamicity=0.000012, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Mon, 11 Jan 2021, Suren Baghdasaryan wrote: > Replace PTRACE_MODE_ATTACH with a combination of PTRACE_MODE_READ > and CAP_SYS_NICE. PTRACE_MODE_READ to prevent leaking ASLR metadata > and CAP_SYS_NICE for influencing process performance. Almost missed these -- please cc the LSM mailing list when modifying capabilities or other LSM-related things. -- James Morris