From: ebiederm@xmission.com (Eric W. Biederman)
To: Alexey Dobriyan <adobriyan@gmail.com>
Cc: Andrew Morton <akpm@linux-foundation.org>,
Chris Down <chris@chrisdown.name>,
Johannes Weiner <hannes@cmpxchg.org>,
linux-mm@kvack.org, linux-kernel@vger.kernel.org,
kernel-team@fb.com
Subject: Re: [PATCH] kernel: sysctl: make drop_caches write-only
Date: Sun, 03 Nov 2019 13:00:36 -0600 [thread overview]
Message-ID: <8736f4g4yz.fsf@x220.int.ebiederm.org> (raw)
In-Reply-To: <20191102155536.GA10251@avx2> (Alexey Dobriyan's message of "Sat, 2 Nov 2019 18:55:36 +0300")
Alexey Dobriyan <adobriyan@gmail.com> writes:
> On Fri, Nov 01, 2019 at 12:35:44PM -0700, Andrew Morton wrote:
>> On Fri, 1 Nov 2019 12:29:20 -0700 Andrew Morton <akpm@linux-foundation.org> wrote:
>>
>> > > Either change is an upgrade from the current situation, at least. I prefer
>> > > towards whatever makes the API the least confusing, which appears to be
>> > > Johannes' original change, but I'd support a patch which always set it to
>> > > 0 instead if it was deemed safer.
>> >
>> > On the other hand.. As I mentioned earlier, if someone's code is
>> > failing because of the permissions change, they can chmod
>> > /proc/sys/vm/drop_caches at boot time and be happy. They have no such
>> > workaround if their software misbehaves due to a read always returning
>> > "0".
>>
>> I lied. I can chmod things in /proc but I can't chmod things in
>> /proc/sys/vm. Huh, why did we do that?
>
> To conserve memory! It was in 2007.
> For the record I support 0200 on vm.drop_caches.
>
> commit 77b14db502cb85a031fe8fde6c85d52f3e0acb63
> [PATCH] sysctl: reimplement the sysctl proc support
>
> +static int proc_sys_setattr(struct dentry *dentry, struct iattr *attr)
> +{
> + struct inode *inode = dentry->d_inode;
> + int error;
> +
> + if (attr->ia_valid & (ATTR_MODE | ATTR_UID | ATTR_GID))
> + return -EPERM;
Almost.
The rewrite was both to concerve memory and to support the network
namespace. Which required a different view of proc files.
But in this case we have always unconditionally called sysctl_perm. The
change above at best removed a layer of obfuscation that made it look
like some other permission check was being honored.
Eric
next prev parent reply other threads:[~2019-11-03 19:00 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-31 22:16 [PATCH] kernel: sysctl: make drop_caches write-only Johannes Weiner
2019-10-31 23:28 ` Andrew Morton
2019-11-01 11:09 ` Chris Down
2019-11-01 11:09 ` Chris Down
2019-11-01 14:45 ` Johannes Weiner
2019-11-01 18:59 ` Andrew Morton
2019-11-01 19:24 ` Chris Down
2019-11-01 19:29 ` Andrew Morton
2019-11-01 19:35 ` Andrew Morton
2019-11-02 15:55 ` Alexey Dobriyan
2019-11-03 19:00 ` Eric W. Biederman [this message]
2019-11-01 10:58 ` Chris Down
2019-11-04 10:37 ` David Hildenbrand
2019-11-04 13:25 ` Vlastimil Babka
2019-11-05 6:20 ` Michal Hocko
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=8736f4g4yz.fsf@x220.int.ebiederm.org \
--to=ebiederm@xmission.com \
--cc=adobriyan@gmail.com \
--cc=akpm@linux-foundation.org \
--cc=chris@chrisdown.name \
--cc=hannes@cmpxchg.org \
--cc=kernel-team@fb.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.