* Valdis.Kletnieksat_private (Valdis.Kletnieksat_private) wrote: > On Mon, 04 Feb 2002 16:43:11 PST, Chris Wright said: > > > the open(2), mmap(2) code path is protected. so reading from a maped > > file is protected, albeit revocation _is_ challenging. have you > > Also challenging for the *application* programmer. 'man 2 mmap' lists > only these errors under using a sucessfully mmap-ed region: > > SIGSEGV > Attempted write into a region specified to mmap as > read-only. > > SIGBUS Attempted access to a portion of the buffer that > does not correspond to the file (for example, > beyond the end of the file, including the case > where another process has truncated the file). > > What error would you return to a userspace program if the mmap'ed > region had been revoked by the kernel? Throw an undocumented SIGSEGV > or SIGBUS, or do something else? as always, the lsm framework is agnostic. the error code is propagated directly from the module's policy engine. it may be part of the module's policy to return bogus error codes. in some cases this is not well-supported by the surrounding kernel code. so in the case of anthony's patch, a SIGBUS is what you'd get stuck with. btw, anthony, i think you should hook in do_no_page, since the ->nopage callback could be something other than filemap_nopage. thanks, -chris _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Mon Feb 04 2002 - 18:47:30 PST