From: Cyrill Gorcunov <gorcunov@gmail.com>
To: Kees Cook <keescook@chromium.org>
Cc: LKML <linux-kernel@vger.kernel.org>,
Andrew Morton <akpm@linux-foundation.org>,
"Kirill A. Shutemov" <kirill@shutemov.name>,
Calvin Owens <calvinowens@fb.com>,
Alexey Dobriyan <adobriyan@gmail.com>,
Oleg Nesterov <oleg@redhat.com>,
"Eric W. Biederman" <ebiederm@xmission.com>,
Al Viro <viro@zeniv.linux.org.uk>,
Peter Feiner <pfeiner@google.com>,
Pavel Emelyanov <xemul@openvz.org>
Subject: Re: [PATCH] docs: procs -- Describe /proc/<pid>/map_files entry
Date: Wed, 28 Jan 2015 00:20:44 +0300 [thread overview]
Message-ID: <20150127212044.GO651@moon> (raw)
In-Reply-To: <CAGXu5jJ0oNeMq+gibuHfB-j_ZooGnuZ_o1aCoMO=qMWen+HQUw@mail.gmail.com>
On Tue, Jan 27, 2015 at 11:50:49AM -0800, Kees Cook wrote:
> > +
> > +The main purpose of map_files directory is to be able to retrieve a set of
> > +memory mapped files in a fast way instead of parsing /proc/<pid>/maps or
> > +/proc/<pid>/smaps which contain a way more records. Same time one can open(2)
> > +mappings from the listings of two processes and comparing inodes figure out
> > +which anonymous memory areas are actually shared.
>
> Thanks for details! I still don't understand how this is used for
> checkpoint/restore when the mmap offset isn't shown. Can't a process
> map, say 4K of a file, from different offsets, and it would show up
> as:
>
> 400000-401000 -> /some/file
> 401000-402000 -> /some/file
>
> but there'd be no way to know how to restore that mapping?
In criu we use a few sources of information (ie we scan not only
map_files, but have to use /proc/pid/smaps as well which has
offset for mapping). So at the end we have all picture under
our hands.
> Are these symlinks "regular" symlinks, or are they something more
> special that bypasses VFS? If it bypasses VFS, I think adding and open
> check with PTRACE_ATTACH is needed, since now you're able to _modify_
> the memory space of the target process instead of just reading it.
Opening them goes same way as open of /proc/pid/fd/ entries as
far as I can tell. This should be enough, or I miss something
obvious here? Otherwise opening /proc/pid/fd/ should use
PTRACE_ATTACH instead of PTRACE_MODE_READ (as in proc_fd_access_allowed).
next prev parent reply other threads:[~2015-01-27 21:20 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-01-27 9:41 [PATCH] docs: procs -- Describe /proc/<pid>/map_files entry Cyrill Gorcunov
2015-01-27 19:50 ` Kees Cook
2015-01-27 20:43 ` Kirill A. Shutemov
2015-01-27 21:20 ` Cyrill Gorcunov [this message]
2015-01-30 1:31 ` Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150127212044.GO651@moon \
--to=gorcunov@gmail.com \
--cc=adobriyan@gmail.com \
--cc=akpm@linux-foundation.org \
--cc=calvinowens@fb.com \
--cc=ebiederm@xmission.com \
--cc=keescook@chromium.org \
--cc=kirill@shutemov.name \
--cc=linux-kernel@vger.kernel.org \
--cc=oleg@redhat.com \
--cc=pfeiner@google.com \
--cc=viro@zeniv.linux.org.uk \
--cc=xemul@openvz.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.