From: Oleg Nesterov <oleg@redhat.com>
To: Andrew Morton <akpm@linux-foundation.org>
Cc: Alex Kelly <alex.page.kelly@gmail.com>,
	"Eric W. Biederman" <ebiederm@xmission.com>,
	Josh Triplett <josh@joshtriplett.org>,
	Kees Cook <keescook@chromium.org>,
	Petr Matousek <pmatouse@redhat.com>,
	Vasily Kulikov <segoon@openwall.com>,
	linux-arch@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: [PATCH v2 2/3] kill MMF_DUMPABLE and MMF_DUMP_SECURELY
Date: Tue, 19 Nov 2013 15:43:18 +0100
Message-ID: <20131119144318.GA28865@redhat.com>
In-Reply-To: <20131119144300.GA28842@redhat.com>

Nobody actually needs MMF_DUMPABLE/MMF_DUMP_SECURELY, they
are only used to enforce the encoding of SUID_DUMP_* enum
in mm->flags & MMF_DUMPABLE_MASK.

Now that set_dumpable() updates both bits atomically we can
kill them and simply store the value "as is" in 2 lower bits.

Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Acked-by: Kees Cook <keescook@chromium.org>
---
 fs/exec.c             |   21 ++++++---------------
 include/linux/sched.h |    4 +---
 2 files changed, 7 insertions(+), 18 deletions(-)

diff --git a/fs/exec.c b/fs/exec.c
index 613c9dc..6ce1f86 100644
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -1620,33 +1620,24 @@ void set_binfmt(struct linux_binfmt *new)
 EXPORT_SYMBOL(set_binfmt);
 
 /*
- * set_dumpable converts traditional three-value dumpable to two flags and
- * stores them into mm->flags.
+ * set_dumpable stores three-value SUID_DUMP_* into mm->flags.
  */
 void set_dumpable(struct mm_struct *mm, int value)
 {
 	unsigned long old, new;
 
+	if (WARN_ON((unsigned)value > SUID_DUMP_ROOT))
+		return;
+
 	do {
 		old = ACCESS_ONCE(mm->flags);
-		new = old & ~MMF_DUMPABLE_MASK;
-
-		switch (value) {
-		case SUID_DUMP_ROOT:
-			new |= (1 << MMF_DUMP_SECURELY);
-		case SUID_DUMP_USER:
-			new |= (1<< MMF_DUMPABLE);
-		}
-
+		new = (old & ~MMF_DUMPABLE_MASK) | value;
 	} while (cmpxchg(&mm->flags, old, new) != old);
 }
 
 int __get_dumpable(unsigned long mm_flags)
 {
-	int ret;
-
-	ret = mm_flags & MMF_DUMPABLE_MASK;
-	return (ret > SUID_DUMP_USER) ? SUID_DUMP_ROOT : ret;
+	return mm_flags & MMF_DUMPABLE_MASK;
 }
 
 /*
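Review bot: In set_dumpable(), the new `if (WARN_ON((unsigned)value > SUID_DUMP_ROOT)) return;` leaves mm->flags untouched, so an out-of-range value keeps whatever dumpable state was there before, whereas the removed switch cleared both bits in that case. For a flag that gates core dumps, consider storing 0 (not dumpable) after the warning instead of returning, or state in the function comment that callers must validate the value first. Related point in the same hunk: __get_dumpable() no longer maps a stored value above SUID_DUMP_USER to SUID_DUMP_ROOT, so it would return 3 if anything other than set_dumpable() ever wrote those bits; a one-line comment saying set_dumpable() is the only writer would make that assumption explicit.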
diff --git a/include/linux/sched.h b/include/linux/sched.h
index 838a3d9..828c00d 100644
--- a/include/linux/sched.h
+++ b/include/linux/sched.h
@@ -326,10 +326,8 @@ extern int get_dumpable(struct mm_struct *mm);
 #define SUID_DUMP_ROOT		2	/* Dump as root */
 
 /* mm flags */
-/* dumpable bits */
-#define MMF_DUMPABLE      0  /* core dump is permitted */
-#define MMF_DUMP_SECURELY 1  /* core file is readable only by root */
 
+/* for SUID_DUMP_* above */
 #define MMF_DUMPABLE_BITS 2
 #define MMF_DUMPABLE_MASK ((1 << MMF_DUMPABLE_BITS) - 1)
 
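Review bot: The replacement comment `/* for SUID_DUMP_* above */` does not say that the SUID_DUMP_* value is now stored unencoded in these bits, which is the invariant the rest of the patch depends on. Suggest spelling that out and noting that SUID_DUMP_ROOT must not exceed MMF_DUMPABLE_MASK, or enforcing it with a BUILD_BUG_ON in set_dumpable(). Style: the removal leaves `/* mm flags */` followed by a blank line before the new comment; dropping that blank line keeps the section header attached to its first definition.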
-- 
1.5.5.1

Thread overview: 5+ messages
2013-11-19 14:43 [PATCH v2 0/3] get/set_dumpable() cleanups and theoretical fix Oleg Nesterov
2013-11-19 14:43 ` [PATCH v2 1/3] set_dumpable: fix the theoretical race with itself Oleg Nesterov
2013-11-19 22:20   ` Andrew Morton
2013-11-19 14:43 ` Oleg Nesterov [this message]
2013-11-19 14:43 ` [PATCH v2 3/3] make __get_dumpable/get_dumpable inline, kill fs/coredump.h Oleg Nesterov