Comment 79 for bug 190587

(In reply to comment #18)
> There is also a kernel module fix that catches vmsplice calls:
> http://home.powertech.no/oystein/ptpatch2008/
>
> Makefile and source code worked as is for my 2.6.23.14-115.fc8 x86_64 kernel.
> After insmod, execution of the exploit fails:
>
> $ sudo insmod ptpatch2008.ko
> $ dmesg | tail -3
> ptpatch2008: init, (c) 2008 <email address hidden>
> ptpatch2008: syscalls ffffffff81270780
> hooked sys_vmsplice
> $ ./exploit_test
> [...]
> [-] vmsplice: Invalid argument
> $ dmesg | tail -4
> ptpatch2008: init, (c) 2008 <email address hidden>
> ptpatch2008: syscalls ffffffff81270780
> hooked sys_vmsplice
> ptpatch2008: possible EXPLOIT attempt by uid 500.

This is perfect for our needs. Can anyone confirm that this patch is safe? I'm
afraid my code reviewing days are behind me. :)

-Matt