09 May, 2007

1 commit

• 5096add84   proc: maps protection ... Browse Code »

  The /proc/pid/ "maps", "smaps", and "numa_maps" files contain sensitive
  information about the memory location and usage of processes. Issues:

  - maps should not be world-readable, especially if programs expect any
  kind of ASLR protection from local attackers.
  - maps cannot just be 0400 because "-D_FORTIFY_SOURCE=2 -O2" makes glibc
  check the maps when %n is in a *printf call, and a setuid(getuid())
  process wouldn't be able to read its own maps file. (For reference
  see http://lkml.org/lkml/2006/1/22/150)
  - a system-wide toggle is needed to allow prior behavior in the case of
  non-root applications that depend on access to the maps contents.

  This change implements a check using "ptrace_may_attach" before allowing
  access to read the maps contents. To control this protection, the new knob
  /proc/sys/kernel/maps_protect has been added, with corresponding updates to
  the procfs documentation.

  [akpm@linux-foundation.org: build fixes]
  [akpm@linux-foundation.org: New sysctl numbers are old hat]
  Signed-off-by: Kees Cook
  Cc: Arjan van de Ven
  Signed-off-by: Andrew Morton
  Signed-off-by: Linus Torvalds

  Kees Cook

  2007-05-09 02:15:02 +0800  

03 Apr, 2007

1 commit

• 05565b65a   [PATCH] proc: fix linkage with CONFIG_SYSCTL=y, CONFIG_PROC_SYSCTL=n ... Browse Code »

  We're using #ifdef CONFIG_SYSCTL, but we should be using CONFIG_PROC_SYSCTL,
  so we get

  fs/built-in.o: In function `proc_root_init':
  /usr/src/linux/fs/proc/root.c:83: undefined reference to `proc_sys_init'

  Fix that up and remove an ifdef-in-C.

  Cc: "Eric W. Biederman"
  Cc: Helge Hafting
  Signed-off-by: Andrew Morton
  Signed-off-by: Linus Torvalds

  Andrew Morton

  2007-04-03 01:06:08 +0800  

15 Feb, 2007

1 commit

• 77b14db50   [PATCH] sysctl: reimplement the sysctl proc support ... Browse Code »

  With this change the sysctl inodes can be cached and nothing needs to be done
  when removing a sysctl table.

  For a cost of 2K code we will save about 4K of static tables (when we remove
  de from ctl_table) and 70K in proc_dir_entries that we will not allocate, or
  about half that on a 32bit arch.

  The speed feels about the same, even though we can now cache the sysctl
  dentries :(

  We get the core advantage that we don't need to have a 1 to 1 mapping between
  ctl table entries and proc files. Making it possible to have /proc/sys vary
  depending on the namespace you are in. The currently merged namespaces don't
  have an issue here but the network namespace under /proc/sys/net needs to have
  different directories depending on which network adapters are visible. By
  simply being a cache different directories being visible depending on who you
  are is trivial to implement.

  [akpm@osdl.org: fix uninitialised var]
  [akpm@osdl.org: fix ARM build]
  [bunk@stusta.de: make things static]
  Signed-off-by: Eric W. Biederman
  Cc: Russell King
  Signed-off-by: Andrew Morton
  Signed-off-by: Linus Torvalds

  Eric W. Biederman

  2007-02-15 00:10:00 +0800  

13 Feb, 2007

1 commit

• 00977a59b   [PATCH] mark struct file_operations const 6 ... Browse Code »

  Many struct file_operations in the kernel can be "const". Marking them const
  moves these to the .rodata section, which avoids false sharing with potential
  dirty data. In addition it'll catch accidental writes at compile time to
  these shared resources.

  Signed-off-by: Arjan van de Ven
  Signed-off-by: Andrew Morton
  Signed-off-by: Linus Torvalds

  Arjan van de Ven

  2007-02-13 01:48:45 +0800  

27 Sep, 2006

1 commit

• dbf8685c8   [PATCH] NOMMU: Implement /proc/pid/maps for NOMMU ... Browse Code »

  Implement /proc/pid/maps for NOMMU by reading the vm_area_list attached to
  current->mm->context.vmlist.

  Signed-off-by: David Howells
  Signed-off-by: Andrew Morton
  Signed-off-by: Linus Torvalds

  David Howells

  2006-09-27 23:26:14 +0800  

27 Jun, 2006

4 commits

• 13b41b094   [PATCH] proc: Use struct pid not struct task_ref ... Browse Code »

  Incrementally update my proc-dont-lock-task_structs-indefinitely patches so
  that they work with struct pid instead of struct task_ref.

  Mostly this is a straight 1-1 substitution.

  Signed-off-by: Eric W. Biederman
  Signed-off-by: Andrew Morton
  Signed-off-by: Linus Torvalds

  Eric W. Biederman

  2006-06-27 00:58:26 +0800  
• 99f895518   [PATCH] proc: don't lock task_structs indefinitely ... Browse Code »

  Every inode in /proc holds a reference to a struct task_struct. If a
  directory or file is opened and remains open after the the task exits this
  pinning continues. With 8K stacks on a 32bit machine the amount pinned per
  file descriptor is about 10K.

  Normally I would figure a reasonable per user process limit is about 100
  processes. With 80 processes, with a 1000 file descriptors each I can trigger
  the 00M killer on a 32bit kernel, because I have pinned about 800MB of useless
  data.

  This patch replaces the struct task_struct pointer with a pointer to a struct
  task_ref which has a struct task_struct pointer. The so the pinning of dead
  tasks does not happen.

  The code now has to contend with the fact that the task may now exit at any
  time. Which is a little but not muh more complicated.

  With this change it takes about 1000 processes each opening up 1000 file
  descriptors before I can trigger the OOM killer. Much better.

  [mlp@google.com: task_mmu small fixes]
  Signed-off-by: Eric W. Biederman
  Cc: Trond Myklebust
  Cc: Paul Jackson
  Cc: Oleg Nesterov
  Cc: Albert Cahalan
  Signed-off-by: Prasanna Meda
  Signed-off-by: Andrew Morton
  Signed-off-by: Linus Torvalds

  Eric W. Biederman

  2006-06-27 00:58:25 +0800  
• 662795deb   [PATCH] proc: Move proc_maps_operations into task_mmu.c ... Browse Code »

  All of the functions for proc_maps_operations are already defined in
  task_mmu.c so move the operations structure to keep the functionality
  together.

  Since task_nommu.c implements a dummy version of /proc//maps give it a
  simplified version of proc_maps_operations that it can modify to best suit its
  needs.

  Signed-off-by: Eric W. Biederman
  Signed-off-by: Andrew Morton
  Signed-off-by: Linus Torvalds

  Eric W. Biederman

  2006-06-27 00:58:24 +0800  
• aed7a6c47   [PATCH] proc: Replace proc_inode.type with proc_inode.fd ... Browse Code »

  The sole renaming use of proc_inode.type is to discover the file descriptor
  number, so just store the file descriptor number and don't wory about
  processing this field. This removes any /proc limits on the maximum number of
  file descriptors, and clears the path to make the hard coded /proc inode
  numbers go away.

  Signed-off-by: Eric W. Biederman
  Signed-off-by: Andrew Morton
  Signed-off-by: Linus Torvalds

  Eric W. Biederman

  2006-06-27 00:58:24 +0800  

29 Mar, 2006

1 commit

• 99ac48f54   [PATCH] mark f_ops const in the inode ... Browse Code »

  Mark the f_ops members of inodes as const, as well as fix the
  ripple-through this causes by places that copy this f_ops and then "do
  stuff" with it.

  Signed-off-by: Arjan van de Ven
  Signed-off-by: Alexey Dobriyan
  Signed-off-by: Andrew Morton
  Signed-off-by: Linus Torvalds

  Arjan van de Ven

  2006-03-29 01:16:05 +0800  

09 Jan, 2006

1 commit

• fee781e6c   [PATCH] fs/proc/: function prototypes belong in header files ... Browse Code »

  Function prototypes belong into header files.

  Signed-off-by: Adrian Bunk
  Signed-off-by: Andrew Morton
  Signed-off-by: Linus Torvalds

  Adrian Bunk

  2006-01-09 12:14:03 +0800  

17 Apr, 2005

1 commit

• 1da177e4c   Linux-2.6.12-rc2 ... Browse Code »

  Initial git repository build. I'm not bothering with the full history,
  even though we have it. We can create a separate "historical" git
  archive of that later if we want to, and in the meantime it's about
  3.2GB when imported into git - space that would just make the early
  git days unnecessarily complicated, when we don't have a lot of good
  infrastructure for it.

  Let it rip!

  Linus Torvalds

  2005-04-17 06:20:36 +0800