| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <alpine.LFD.2.20.1702252007320.1730@knanqh.ubzr>
Date: Sat, 25 Feb 2017 20:14:52 -0500 (EST)
From: Nicolas Pitre <nicolas.pitre@...aro.org>
To: Brian Ashworth <bosrsf04@...il.com>
cc: Alexander Viro <viro@...iv.linux.org.uk>,
Andrew Morton <akpm@...ux-foundation.org>,
Kees Cook <keescook@...omium.org>,
Arnd Bergmann <arnd@...db.de>, Ingo Molnar <mingo@...nel.org>,
Ard Biesheuvel <ard.biesheuvel@...aro.org>,
Andy Lutomirski <luto@...nel.org>,
Petr Mladek <pmladek@...e.com>, Helge Deller <deller@....de>,
Rik van Riel <riel@...hat.com>,
Thomas Garnier <thgarnie@...gle.com>,
Parav Pandit <pandit.parav@...il.com>,
"seokhoon . yoon" <iamyooon@...il.com>,
Thomas Gleixner <tglx@...utronix.de>,
Dave Hansen <dave.hansen@...el.com>,
linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
josh@...htriplett.org, brkkurek192@...il.com, conorcurry@...il.com,
fanofbond138@...il.com
Subject: Re: [PATCH 1/1] fs: Allows for the pivot_root syscall to be
optional
On Sat, 25 Feb 2017, Brian Ashworth wrote:
> The pivot_root syscall is not needed on systems that do not use
> any intermediate filesystem. Allowing for pivot_root to be
> ommitted from the kernel will aid in the tinification efforts.
>
> Without CONFIG_PIVOT_ROOT_SYSCALL set
> add/remove: 0/2 grow/shrink: 1/0 up/down: 45/-707 (-662)
> function old new delta
> attach_recursive_mnt 349 394 +45
> attach_mnt 71 - -71
> sys_pivot_root 636 - -636
> Total: Before=1899893, After=1899231, chg -0.03%
A -0.03% size difference doesn't seem much. To bring up a more
realistic scenario for tinification statistics, you could start from
"make tinyconfig" instead.
> Signed-off-by: Brian Ashworth <bosrsf04@...il.com>
> ---
> fs/namespace.c | 2 ++
> init/Kconfig | 10 ++++++++++
> kernel/sys_ni.c | 1 +
> 3 files changed, 13 insertions(+)
I agree that this is a much more interesting diffstat than the previous
one.
Acked-by: Nicolas Pitre <nico@...aro.org>
> diff --git a/fs/namespace.c b/fs/namespace.c
> index 487ba30bb5c6..5e24a08bfb36 100644
> --- a/fs/namespace.c
> +++ b/fs/namespace.c
> @@ -3058,6 +3058,7 @@ bool path_is_under(const struct path *path1, const struct path *path2)
> }
> EXPORT_SYMBOL(path_is_under);
>
> +#ifdef CONFIG_PIVOT_ROOT_SYSCALL
> /*
> * pivot_root Semantics:
> * Moves the root file system of the current process to the directory put_old,
> @@ -3180,6 +3181,7 @@ SYSCALL_DEFINE2(pivot_root, const char __user *, new_root,
> out0:
> return error;
> }
> +#endif /* CONFIG_PIVOT_ROOT_SYSCALL */
>
> static void __init init_mount_tree(void)
> {
> diff --git a/init/Kconfig b/init/Kconfig
> index 8c39615165b7..4ea9ab25ec30 100644
> --- a/init/Kconfig
> +++ b/init/Kconfig
> @@ -1450,6 +1450,16 @@ config SYSCTL_SYSCALL
>
> If unsure say N here.
>
> +config PIVOT_ROOT_SYSCALL
> + bool "Pivot_root syscall support" if EXPERT
> + default y
> + help
> + pivot_root is a system call that allows the root to be moved and
> + replaced by another root. This is needed for intermediate file
> + systems such as initrd.
> +
> + If unsure say Y here.
> +
> config POSIX_TIMERS
> bool "Posix Clocks & timers" if EXPERT
> default y
> diff --git a/kernel/sys_ni.c b/kernel/sys_ni.c
> index 8acef8576ce9..7bd207571f87 100644
> --- a/kernel/sys_ni.c
> +++ b/kernel/sys_ni.c
> @@ -178,6 +178,7 @@ cond_syscall(sys_setfsgid);
> cond_syscall(sys_capget);
> cond_syscall(sys_capset);
> cond_syscall(sys_copy_file_range);
> +cond_syscall(sys_pivot_root);
>
> /* arch-specific weak syscall entries */
> cond_syscall(sys_pciconfig_read);
> --
> 2.11.1
>
>
Powered by blists - more mailing lists