| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <06c7c949626acd419d77d611a65ca5427d6cf866.1488054759.git.bosrsf04@gmail.com>
Date: Sat, 25 Feb 2017 19:54:47 -0500
From: Brian Ashworth <bosrsf04@...il.com>
To: Alexander Viro <viro@...iv.linux.org.uk>,
Andrew Morton <akpm@...ux-foundation.org>,
Kees Cook <keescook@...omium.org>,
Arnd Bergmann <arnd@...db.de>, Ingo Molnar <mingo@...nel.org>,
Ard Biesheuvel <ard.biesheuvel@...aro.org>,
Andy Lutomirski <luto@...nel.org>,
Nicolas Pitre <nicolas.pitre@...aro.org>,
Petr Mladek <pmladek@...e.com>, Helge Deller <deller@....de>,
Rik van Riel <riel@...hat.com>,
Thomas Garnier <thgarnie@...gle.com>,
Parav Pandit <pandit.parav@...il.com>,
"seokhoon . yoon" <iamyooon@...il.com>,
Thomas Gleixner <tglx@...utronix.de>,
Dave Hansen <dave.hansen@...el.com>,
linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org
Cc: josh@...htriplett.org, brkkurek192@...il.com, conorcurry@...il.com,
fanofbond138@...il.com, Brian Ashworth <bosrsf04@...il.com>
Subject: [PATCH 1/1] fs: Allows for the pivot_root syscall to be optional
The pivot_root syscall is not needed on systems that do not use
any intermediate filesystem. Allowing for pivot_root to be
ommitted from the kernel will aid in the tinification efforts.
Without CONFIG_PIVOT_ROOT_SYSCALL set
add/remove: 0/2 grow/shrink: 1/0 up/down: 45/-707 (-662)
function old new delta
attach_recursive_mnt 349 394 +45
attach_mnt 71 - -71
sys_pivot_root 636 - -636
Total: Before=1899893, After=1899231, chg -0.03%
Signed-off-by: Brian Ashworth <bosrsf04@...il.com>
---
fs/namespace.c | 2 ++
init/Kconfig | 10 ++++++++++
kernel/sys_ni.c | 1 +
3 files changed, 13 insertions(+)
diff --git a/fs/namespace.c b/fs/namespace.c
index 487ba30bb5c6..5e24a08bfb36 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -3058,6 +3058,7 @@ bool path_is_under(const struct path *path1, const struct path *path2)
}
EXPORT_SYMBOL(path_is_under);
+#ifdef CONFIG_PIVOT_ROOT_SYSCALL
/*
* pivot_root Semantics:
* Moves the root file system of the current process to the directory put_old,
@@ -3180,6 +3181,7 @@ SYSCALL_DEFINE2(pivot_root, const char __user *, new_root,
out0:
return error;
}
+#endif /* CONFIG_PIVOT_ROOT_SYSCALL */
static void __init init_mount_tree(void)
{
diff --git a/init/Kconfig b/init/Kconfig
index 8c39615165b7..4ea9ab25ec30 100644
--- a/init/Kconfig
+++ b/init/Kconfig
@@ -1450,6 +1450,16 @@ config SYSCTL_SYSCALL
If unsure say N here.
+config PIVOT_ROOT_SYSCALL
+ bool "Pivot_root syscall support" if EXPERT
+ default y
+ help
+ pivot_root is a system call that allows the root to be moved and
+ replaced by another root. This is needed for intermediate file
+ systems such as initrd.
+
+ If unsure say Y here.
+
config POSIX_TIMERS
bool "Posix Clocks & timers" if EXPERT
default y
diff --git a/kernel/sys_ni.c b/kernel/sys_ni.c
index 8acef8576ce9..7bd207571f87 100644
--- a/kernel/sys_ni.c
+++ b/kernel/sys_ni.c
@@ -178,6 +178,7 @@ cond_syscall(sys_setfsgid);
cond_syscall(sys_capget);
cond_syscall(sys_capset);
cond_syscall(sys_copy_file_range);
+cond_syscall(sys_pivot_root);
/* arch-specific weak syscall entries */
cond_syscall(sys_pciconfig_read);
--
2.11.1
Powered by blists - more mailing lists