Re: How to read-protect a vm_area?

Linus Torvalds (
Mon, 16 Feb 1998 11:40:12 -0800 (PST)

On Mon, 16 Feb 1998, Gabriel Paubert wrote:
> Does it mean that a write(2) with a buffer from an
> mprotect( , , PROT_NONE)'ed area will succeed ?

Yes. I think a read() will modify the pages too (although that would be
easy to change).

> I can't see right now how it could fail (on Intel with kernel v2.1.xx).

Do people really care? I've never seen this as really being an issue, but
PROT_NONE can certainly be implemented other ways too. Any other way is
likely to be rather more involved, so I really would prefer not to do
anything about it.

Note that this is an issue only for something that _has_ been accessible
and then has turned into PROT_NONE by using mprotect() - because if the
pages aren't there at all then the page fault handler will refuse to page
them in even when the access is done from kernel space.

Note that passing a bad pointer to a system call falls under "undefined
behaviour" anyway (although most systems try to return EFAULT), so the
answer as far as I'm concerned is "don't do that, then". Note that the
system itself (or security) is not compromised by any of this.


To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to