Re: [uml-devel] [patch 1/1] SKAS3: fix mm->dumpable handling

[BlaisorBlade]

On Thursday 14 October 2004 18:17, blaisorblade_spam@xxxxxxxx wrote:
> From: Paolo 'Blaisorblade' Giarrusso <blaisorblade_spam@xxxxxxxx>, Henrik
> Nordstrom <uml@xxxxxxxxxxxxxxxxxxx>, Michael Richardson
> <mcr@xxxxxxxxxxxxxxxxxxxxxx>

> When a child mm is created by opening /proc/mm, without this patch its
> mm->dumpable flag is left set to 0, even when there is no reason to do so.
>
> This way, for instance, if <pid> is the pid of a userspace thread,
> /proc/<pid> is only readable by root (which was the original reason letting
> this be diagnosed by Michael Richardson).

> Paolo and Henrik discussed about this in detail, finally Paolo wrote the
> patch and sent it for comment.
And Paolo (myself) fucked it up:

> +		/* Let's be safe. If we are ptraced from a non-dumpable process,
> +		 * let's not be dumpable. Don't try to be smart and turn
> +		 * current->dumpable to 1: it may be unsafe.*/
> +		if (!current->dumpable) {
This should be current->mm->dumpable, not current->dumpable.
> +			new->dumpable = 0;
> +			wmb();
> +		}
> +
>  		atomic_inc(&new->mm_users);
>  		child->mm = new;
>  		child->active_mm = new;
> _
Also, we have not studied the case of another process trying to ptrace and 
SWITCH_MM a process already having some mm's (it cannot give it any already 
existing mm, because it has not the file descriptor). It seems safe to me, 
but I'm going to study this and put the result in next patch version.
-- 
Paolo Giarrusso, aka Blaisorblade
Linux registered user n. 292729

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/