From: Vincent Whitchurch <vincent.whitchurch@axis.com>
To: Andrew Morton <akpm@linux-foundation.org>
Cc: kernel <kernel@axis.com>,
"adobriyan@gmail.com" <adobriyan@gmail.com>,
"vbabka@suse.cz" <vbabka@suse.cz>,
"linux-mm@kvack.org" <linux-mm@kvack.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"linux-fsdevel@vger.kernel.org" <linux-fsdevel@vger.kernel.org>,
<sergey.senozhatsky@gmail.com>
Subject: Re: [PATCH] proc: Enable smaps_rollup without ptrace rights
Date: Tue, 13 Sep 2022 15:07:20 +0200 [thread overview]
Message-ID: <YyCAiAMvaNihNUAH@axis.com> (raw)
In-Reply-To: <20220908145934.4565620db7cbc3b9ceb90e3b@linux-foundation.org>
On Thu, Sep 08, 2022 at 11:59:34PM +0200, Andrew Morton wrote:
> On Thu, 8 Sep 2022 11:39:19 +0200 Vincent Whitchurch <vincent.whitchurch@axis.com> wrote:
> > smaps_rollup is currently only allowed on processes which the user has
> > ptrace permissions for, since it uses a common proc open function used
> > by other files like mem and smaps.
> >
> > However, while smaps provides detailed, individual information about
> > each memory map in the process (justifying its ptrace rights
> > requirement), smaps_rollup only provides a summary of the memory usage,
> > which is not unlike the information available from other places like the
> > status and statm files, which do not need ptrace permissions.
> >
> > The first line of smaps_rollup could however be sensitive, since it
> > exposes the randomized start and end of the process' address space.
> > This information however does not seem essential to smap_rollup's
> > purpose and could be replaced with placeholder values to preserve the
> > format without leaking information. (I could not find any user space in
> > Debian or Android which uses the information in the first line.)
> >
> > Replace the start with 0 and end with ~0 and allow smaps_rollup to be
> > opened and read regardless of ptrace permissions.
>
> What is the motivation for this? Use case? End-user value and such?
My use case is similar to Sergey's[0]: to be able to gather memory usage
information from a daemon/script running without root permissions or
ptrace rights. Values like Pss are only available from smaps_rollup,
and not from the other files like status and statm which already provide
memory usage information without requiring elevated privileges.
[0] https://lore.kernel.org/lkml/20200929024018.GA529@jagdpanzerIV.localdomain/
smaps_rollup is however much more expensive than those other files, so I
guess that could be an argument for treating it differently, even if the
content itself does not need to be protected.
prev parent reply other threads:[~2022-09-13 13:07 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-09-08 9:39 [PATCH] proc: Enable smaps_rollup without ptrace rights Vincent Whitchurch
2022-09-08 21:59 ` Andrew Morton
2022-09-13 13:07 ` Vincent Whitchurch [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YyCAiAMvaNihNUAH@axis.com \
--to=vincent.whitchurch@axis.com \
--cc=adobriyan@gmail.com \
--cc=akpm@linux-foundation.org \
--cc=kernel@axis.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=sergey.senozhatsky@gmail.com \
--cc=vbabka@suse.cz \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).