From patchwork Thu Sep 8 09:39:19 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vincent Whitchurch X-Patchwork-Id: 12969853 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 41256C54EE9 for ; Thu, 8 Sep 2022 09:39:27 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 58D698D0001; Thu, 8 Sep 2022 05:39:26 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 53D176B0073; Thu, 8 Sep 2022 05:39:26 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 42BF68D0001; Thu, 8 Sep 2022 05:39:26 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0016.hostedemail.com [216.40.44.16]) by kanga.kvack.org (Postfix) with ESMTP id 3458D6B0072 for ; Thu, 8 Sep 2022 05:39:26 -0400 (EDT) Received: from smtpin10.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay07.hostedemail.com (Postfix) with ESMTP id 02DAE16196C for ; Thu, 8 Sep 2022 09:39:25 +0000 (UTC) X-FDA: 79888420332.10.2755EC6 Received: from smtp2.axis.com (smtp2.axis.com [195.60.68.18]) by imf16.hostedemail.com (Postfix) with ESMTP id 687EB180078 for ; Thu, 8 Sep 2022 09:39:24 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=axis.com; q=dns/txt; s=axis-central1; t=1662629964; x=1694165964; h=from:to:cc:subject:date:message-id:mime-version: content-transfer-encoding; bh=GYN6K1XEtbZIYFOF497nm3dEoRDRacw5iqjWmI9bicw=; b=IPt7R8umkSRLqG6rKo7463x8E1Y9A8G8Uaba+L4qYBPKCeKvcUVau/AC 0e317wZ1O8E4bm5ojkRc2MyTa5UF1K69zEEW9mdMIQRPn3uspFY7WwrNh WSeBI3xLjDU2KpBJwWrN6BKWTta/0/vjzMLQSKV6sPepHZ1En1Ht3O3Wn GA2HU4q1kMr6MqIaoa2K32aytBaG5BYw0BsvuACj5pqFazUmQBb8T6YPl WllGUWSoNEN7MYOsBDhALiSLRpIV4VHAzvVuQTcfEk78l13LOfssKIpzc nh8QMkytnCk0Qe+d6kSHmij4NLwcq7cLkoDJWJIsPjOFN49dGC0kVijOk w==; From: Vincent Whitchurch To: CC: , , , , , Vincent Whitchurch , , Subject: [PATCH] proc: Enable smaps_rollup without ptrace rights Date: Thu, 8 Sep 2022 11:39:19 +0200 Message-ID: <20220908093919.843346-1-vincent.whitchurch@axis.com> X-Mailer: git-send-email 2.34.1 MIME-Version: 1.0 ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1662629964; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding:in-reply-to: references:dkim-signature; bh=GYN6K1XEtbZIYFOF497nm3dEoRDRacw5iqjWmI9bicw=; b=Pt/9umh4y4og6OHbUwxRBHkAl6k+zeYueJZ0/HzDFsfCecYUdmfSLwETwpP3bqGZBpSGLi xs9v2j4GFgXkUf3M2FSMBOV5VvQ6PaTx6WDE8lC2BqKCHx4HHzGdwrbaIes5SRLyvev2d3 P3z1lA/KB/T0hvIrNrNlA5fH868m6yg= ARC-Authentication-Results: i=1; imf16.hostedemail.com; dkim=pass header.d=axis.com header.s=axis-central1 header.b=IPt7R8um; dmarc=pass (policy=none) header.from=axis.com; spf=pass (imf16.hostedemail.com: domain of Vincent.Whitchurch@axis.com designates 195.60.68.18 as permitted sender) smtp.mailfrom=Vincent.Whitchurch@axis.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1662629964; a=rsa-sha256; cv=none; b=gr/+G38Dwdg0Uax9xRcF1ls+Q1MrYZHlSRJdP2pGnVwPxTyn0C8Uvp/ujMNDcSiaC1AKGy /b9omWp7VDrC7hTjlNMnuWxtTUowsX2VSpn+kAekruBcY3a+eheZeso+4VQHWR8eN0d0ze HY3ExW9JW/iF0SzJunyPmoSYGJGQJ7s= X-Stat-Signature: 8zfwy5eashegkbzuewjmko8mtfp6krtw X-Rspamd-Queue-Id: 687EB180078 Authentication-Results: imf16.hostedemail.com; dkim=pass header.d=axis.com header.s=axis-central1 header.b=IPt7R8um; dmarc=pass (policy=none) header.from=axis.com; spf=pass (imf16.hostedemail.com: domain of Vincent.Whitchurch@axis.com designates 195.60.68.18 as permitted sender) smtp.mailfrom=Vincent.Whitchurch@axis.com X-Rspam-User: X-Rspamd-Server: rspam02 X-HE-Tag: 1662629964-3166 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: smaps_rollup is currently only allowed on processes which the user has ptrace permissions for, since it uses a common proc open function used by other files like mem and smaps. However, while smaps provides detailed, individual information about each memory map in the process (justifying its ptrace rights requirement), smaps_rollup only provides a summary of the memory usage, which is not unlike the information available from other places like the status and statm files, which do not need ptrace permissions. The first line of smaps_rollup could however be sensitive, since it exposes the randomized start and end of the process' address space. This information however does not seem essential to smap_rollup's purpose and could be replaced with placeholder values to preserve the format without leaking information. (I could not find any user space in Debian or Android which uses the information in the first line.) Replace the start with 0 and end with ~0 and allow smaps_rollup to be opened and read regardless of ptrace permissions. Signed-off-by: Vincent Whitchurch --- fs/proc/base.c | 18 +++++++++++++++--- fs/proc/internal.h | 1 + fs/proc/task_mmu.c | 5 ++--- 3 files changed, 18 insertions(+), 6 deletions(-) diff --git a/fs/proc/base.c b/fs/proc/base.c index 93f7e3d971e4..9482eb3954de 100644 --- a/fs/proc/base.c +++ b/fs/proc/base.c @@ -792,14 +792,16 @@ static const struct file_operations proc_single_file_operations = { .release = single_release, }; - -struct mm_struct *proc_mem_open(struct inode *inode, unsigned int mode) +static struct mm_struct *__proc_mem_open(struct inode *inode, unsigned int mode, bool creds) { struct task_struct *task = get_proc_task(inode); struct mm_struct *mm = ERR_PTR(-ESRCH); if (task) { - mm = mm_access(task, mode | PTRACE_MODE_FSCREDS); + if (creds) + mm = mm_access(task, mode | PTRACE_MODE_FSCREDS); + else + mm = get_task_mm(task); put_task_struct(task); if (!IS_ERR_OR_NULL(mm)) { @@ -813,6 +815,16 @@ struct mm_struct *proc_mem_open(struct inode *inode, unsigned int mode) return mm; } +struct mm_struct *proc_mem_open(struct inode *inode, unsigned int mode) +{ + return __proc_mem_open(inode, mode, true); +} + +struct mm_struct *proc_mem_open_nocreds(struct inode *inode) +{ + return __proc_mem_open(inode, 0, false); +} + static int __mem_open(struct inode *inode, struct file *file, unsigned int mode) { struct mm_struct *mm = proc_mem_open(inode, mode); diff --git a/fs/proc/internal.h b/fs/proc/internal.h index 06a80f78433d..5c906661b018 100644 --- a/fs/proc/internal.h +++ b/fs/proc/internal.h @@ -293,6 +293,7 @@ struct proc_maps_private { } __randomize_layout; struct mm_struct *proc_mem_open(struct inode *inode, unsigned int mode); +struct mm_struct *proc_mem_open_nocreds(struct inode *inode); extern const struct file_operations proc_pid_maps_operations; extern const struct file_operations proc_pid_numa_maps_operations; diff --git a/fs/proc/task_mmu.c b/fs/proc/task_mmu.c index 4e0023643f8b..13f910b51dce 100644 --- a/fs/proc/task_mmu.c +++ b/fs/proc/task_mmu.c @@ -969,8 +969,7 @@ static int show_smaps_rollup(struct seq_file *m, void *v) vma = vma->vm_next; } - show_vma_header_prefix(m, priv->mm->mmap->vm_start, - last_vma_end, 0, 0, 0, 0); + show_vma_header_prefix(m, 0, ~0lu, 0, 0, 0, 0); seq_pad(m, ' '); seq_puts(m, "[rollup]\n"); @@ -1015,7 +1014,7 @@ static int smaps_rollup_open(struct inode *inode, struct file *file) goto out_free; priv->inode = inode; - priv->mm = proc_mem_open(inode, PTRACE_MODE_READ); + priv->mm = proc_mem_open_nocreds(inode); if (IS_ERR(priv->mm)) { ret = PTR_ERR(priv->mm);