lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Sat, 25 Feb 2017 20:14:52 -0500 (EST)
From:   Nicolas Pitre <nicolas.pitre@...aro.org>
To:     Brian Ashworth <bosrsf04@...il.com>
cc:     Alexander Viro <viro@...iv.linux.org.uk>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Kees Cook <keescook@...omium.org>,
        Arnd Bergmann <arnd@...db.de>, Ingo Molnar <mingo@...nel.org>,
        Ard Biesheuvel <ard.biesheuvel@...aro.org>,
        Andy Lutomirski <luto@...nel.org>,
        Petr Mladek <pmladek@...e.com>, Helge Deller <deller@....de>,
        Rik van Riel <riel@...hat.com>,
        Thomas Garnier <thgarnie@...gle.com>,
        Parav Pandit <pandit.parav@...il.com>,
        "seokhoon . yoon" <iamyooon@...il.com>,
        Thomas Gleixner <tglx@...utronix.de>,
        Dave Hansen <dave.hansen@...el.com>,
        linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
        josh@...htriplett.org, brkkurek192@...il.com, conorcurry@...il.com,
        fanofbond138@...il.com
Subject: Re: [PATCH 1/1] fs: Allows for the pivot_root syscall to be
 optional

On Sat, 25 Feb 2017, Brian Ashworth wrote:

> The pivot_root syscall is not needed on systems that do not use
> any intermediate filesystem. Allowing for pivot_root to be
> ommitted from the kernel will aid in the tinification efforts.
> 
> Without CONFIG_PIVOT_ROOT_SYSCALL set
> add/remove: 0/2 grow/shrink: 1/0 up/down: 45/-707 (-662)
> function                                     old     new   delta
> attach_recursive_mnt                         349     394     +45
> attach_mnt                                    71       -     -71
> sys_pivot_root                               636       -    -636
> Total: Before=1899893, After=1899231, chg -0.03%

A -0.03% size difference doesn't seem much.  To bring up a more 
realistic scenario for tinification statistics, you could start from 
"make tinyconfig" instead.

> Signed-off-by: Brian Ashworth <bosrsf04@...il.com>
> ---
>  fs/namespace.c  |  2 ++
>  init/Kconfig    | 10 ++++++++++
>  kernel/sys_ni.c |  1 +
>  3 files changed, 13 insertions(+)

I agree that this is a much more interesting diffstat than the previous 
one.

Acked-by: Nicolas Pitre <nico@...aro.org>


> diff --git a/fs/namespace.c b/fs/namespace.c
> index 487ba30bb5c6..5e24a08bfb36 100644
> --- a/fs/namespace.c
> +++ b/fs/namespace.c
> @@ -3058,6 +3058,7 @@ bool path_is_under(const struct path *path1, const struct path *path2)
>  }
>  EXPORT_SYMBOL(path_is_under);
>  
> +#ifdef CONFIG_PIVOT_ROOT_SYSCALL
>  /*
>   * pivot_root Semantics:
>   * Moves the root file system of the current process to the directory put_old,
> @@ -3180,6 +3181,7 @@ SYSCALL_DEFINE2(pivot_root, const char __user *, new_root,
>  out0:
>  	return error;
>  }
> +#endif  /* CONFIG_PIVOT_ROOT_SYSCALL */
>  
>  static void __init init_mount_tree(void)
>  {
> diff --git a/init/Kconfig b/init/Kconfig
> index 8c39615165b7..4ea9ab25ec30 100644
> --- a/init/Kconfig
> +++ b/init/Kconfig
> @@ -1450,6 +1450,16 @@ config SYSCTL_SYSCALL
>  
>  	  If unsure say N here.
>  
> +config PIVOT_ROOT_SYSCALL
> +	bool "Pivot_root syscall support" if EXPERT
> +	default y
> +	help
> +	  pivot_root is a system call that allows the root to be moved and
> +	  replaced by another root. This is needed for intermediate file
> +	  systems such as initrd.
> +
> +	  If unsure say Y here.
> +
>  config POSIX_TIMERS
>  	bool "Posix Clocks & timers" if EXPERT
>  	default y
> diff --git a/kernel/sys_ni.c b/kernel/sys_ni.c
> index 8acef8576ce9..7bd207571f87 100644
> --- a/kernel/sys_ni.c
> +++ b/kernel/sys_ni.c
> @@ -178,6 +178,7 @@ cond_syscall(sys_setfsgid);
>  cond_syscall(sys_capget);
>  cond_syscall(sys_capset);
>  cond_syscall(sys_copy_file_range);
> +cond_syscall(sys_pivot_root);
>  
>  /* arch-specific weak syscall entries */
>  cond_syscall(sys_pciconfig_read);
> -- 
> 2.11.1
> 
> 

Powered by blists - more mailing lists