From mboxrd@z Thu Jan  1 00:00:00 1970
From: Vasiliy Kulikov <segoon@openwall.com>
Subject: Re: [patch 2/2] fs, proc: Introduce the /proc/<pid>/map_files/
 directory v6
Date: Tue, 6 Sep 2011 21:29:52 +0400
Message-ID: <20110906172952.GA28055@albatros>
References: <20110831142622.GB30615@sun>
 <20110831151023.5b7e12da.akpm@linux-foundation.org>
 <20110901080508.GF30615@sun>
 <20110902163711.GA3124@albatros>
 <20110905185358.GA2103@albatros>
 <20110905192009.GJ761@sun>
 <20110905194908.GA2690@albatros>
 <20110905203627.GL761@sun>
 <20110906101518.GA4799@albatros>
 <20110906165144.GJ18425@mtj.dyndns.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Cc: Cyrill Gorcunov <gorcunov@gmail.com>,
	Andrew Morton <akpm@linux-foundation.org>,
	"Kirill A. Shutemov" <kirill@shutemov.name>,
	containers@lists.osdl.org, linux-kernel@vger.kernel.org,
	linux-fsdevel@vger.kernel.org, Nathan Lynch <ntl@pobox.com>,
	kernel-hardening@lists.openwall.com,
	Oren Laadan <orenl@cs.columbia.edu>,
	Daniel Lezcano <dlezcano@fr.ibm.com>,
	Glauber Costa <glommer@parallels.com>,
	James Bottomley <jbottomley@parallels.com>,
	Alexey Dobriyan <adobriyan@gmail.com>,
	Al Viro <viro@ZenIV.linux.org.uk>,
	Pavel Emelyanov <xemul@parallels.com>
To: Tejun Heo <tj@kernel.org>
Return-path: <linux-fsdevel-owner@vger.kernel.org>
Received: from mail-bw0-f46.google.com ([209.85.214.46]:55241 "EHLO
	mail-bw0-f46.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1753018Ab1IFRaI (ORCPT
	<rfc822;linux-fsdevel@vger.kernel.org>);
	Tue, 6 Sep 2011 13:30:08 -0400
Content-Disposition: inline
In-Reply-To: <20110906165144.GJ18425@mtj.dyndns.org>
Sender: linux-fsdevel-owner@vger.kernel.org
List-ID: <linux-fsdevel.vger.kernel.org>

Hi Tejun,

On Wed, Sep 07, 2011 at 01:51 +0900, Tejun Heo wrote:
> On Tue, Sep 06, 2011 at 02:15:18PM +0400, Vasiliy Kulikov wrote:
> >   c) If dentry is lazily dropped on each access attempt (or each illegal
> >      access) then PID2 can:
> > 
> >      i) read dentry line of /proc/slabinfo
> >      ii) call link(2) against /proc/PID/fd, which invalidates the
> >          specific dentry
> >      iii) re-read dentry line of /proc/slabinfo.  If it has decreased by
> >          one, the dentry existed before (ii).
> 
> If we really worry about this, probably the right thing to do is
> hiding slabinfo from mortal UIDs instead of worrying about what
> exactly are freed or not from each user.

I agree with you.  I don't think that showing system-global debug
information to all users by default is the right thing.  But some people
doesn't agree with this point of view:

http://thread.gmane.org/gmane.linux.kernel/1108378

-- 
Vasiliy Kulikov
http://www.openwall.com - bringing security into open computing environments