lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <87wnc6nyux.fsf@email.froward.int.ebiederm.org>
Date:   Thu, 21 Jul 2022 12:45:42 -0500
From:   "Eric W. Biederman" <ebiederm@...ssion.com>
To:     Luis Chamberlain <mcgrof@...nel.org>
Cc:     Zhang Yuchen <zhangyuchen.lcr@...edance.com>,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        David Howells <dhowells@...hat.com>,
        Deepa Dinamani <deepa.kernel@...il.com>,
        Christoph Hellwig <hch@....de>,
        Muchun Song <songmuchun@...edance.com>,
        linux-api@...r.kernel.org, keescook@...omium.org,
        yzaikin@...gle.com, linux-kernel@...r.kernel.org,
        linux-fsdevel@...r.kernel.org
Subject: Re: [RFC] proc: fix create timestamp of files in proc

Luis Chamberlain <mcgrof@...nel.org> writes:

> On Thu, Jul 21, 2022 at 04:16:17PM +0800, Zhang Yuchen wrote:
>> A user has reported a problem that the /proc/{pid} directory
>> creation timestamp is incorrect.
>
> The directory?

A bit of history that I don't think made it to the git log is that
procps uses the /proc/<pid> directory, to discover the uid and gid of the
process.

I have memories of Albert Cahalan reporting regressions because I
had tweaked the attributes of proc in ways that I expected no
one would care about and caused a regression in procps.

So it is not unreasonable for people to have used proc in surprising
ways.

I took a quick read through procps and it looks like procps reads
/proc/<pid>/stat to get the start_time of the process.


Which leads us to this quality of implementation issue that the time
on the inode of a proc directory is the first time that someone read
the directory and observed the file.  Which does not need to be anything
at all related to the start time.

I think except for the symlinks and files under /proc/pid/fd and
/proc/pid/fdinfo there is a very good case for making all of the files
/proc/pid have a creation time of equal to the creation of the process
in question.  Although the files under /proc/pid/task/ need to have
a time equal to the creation time of the thread in question.

Improving the quality of implementation requires caring enough to make
that change, and right now I don't.

At the same time I would say the suggested patch is a bad idea.
Any application that breaks because we hard set the timestamp on a proc
file or directory to the beginning of time is automatically counts as a
regression.

Since the entire point of the patch is to break applications that are
doing things wrong, aka cause regressions I don't think the patch
make sense.

So I would vote for understanding what the problem user is doing.  Then
either proc can be improved to better support users, or we can do
nothing.

Except for explaining the history and how people have legitimately used
implementation details of proc before, I am not really interested.  But
I do think we can do better.

Eric

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ