| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <7wjaerxsmtdsdzy5vfrzts7un2cuwo3nbf7khxzaetypu6tdkr@thz4i7e5shrz>
Date: Tue, 12 Aug 2025 13:26:35 -0400
From: "Liam R. Howlett" <Liam.Howlett@...cle.com>
To: Lorenzo Stoakes <lorenzo.stoakes@...cle.com>
Cc: Andrew Morton <akpm@...ux-foundation.org>,
Alexander Gordeev <agordeev@...ux.ibm.com>,
Gerald Schaefer <gerald.schaefer@...ux.ibm.com>,
Heiko Carstens <hca@...ux.ibm.com>, Vasily Gorbik <gor@...ux.ibm.com>,
Christian Borntraeger <borntraeger@...ux.ibm.com>,
Sven Schnelle <svens@...ux.ibm.com>,
"David S . Miller" <davem@...emloft.net>,
Andreas Larsson <andreas@...sler.com>,
Dave Hansen <dave.hansen@...ux.intel.com>,
Andy Lutomirski <luto@...nel.org>,
Peter Zijlstra <peterz@...radead.org>,
Thomas Gleixner <tglx@...utronix.de>, Ingo Molnar <mingo@...hat.com>,
Borislav Petkov <bp@...en8.de>, "H . Peter Anvin" <hpa@...or.com>,
Alexander Viro <viro@...iv.linux.org.uk>,
Christian Brauner <brauner@...nel.org>, Jan Kara <jack@...e.cz>,
Kees Cook <kees@...nel.org>, David Hildenbrand <david@...hat.com>,
Zi Yan <ziy@...dia.com>, Baolin Wang <baolin.wang@...ux.alibaba.com>,
Nico Pache <npache@...hat.com>, Ryan Roberts <ryan.roberts@....com>,
Dev Jain <dev.jain@....com>, Barry Song <baohua@...nel.org>,
Xu Xin <xu.xin16@....com.cn>,
Chengming Zhou <chengming.zhou@...ux.dev>,
Vlastimil Babka <vbabka@...e.cz>, Mike Rapoport <rppt@...nel.org>,
Suren Baghdasaryan <surenb@...gle.com>, Michal Hocko <mhocko@...e.com>,
David Rientjes <rientjes@...gle.com>,
Shakeel Butt <shakeel.butt@...ux.dev>,
Arnaldo Carvalho de Melo <acme@...nel.org>,
Namhyung Kim <namhyung@...nel.org>,
Mark Rutland <mark.rutland@....com>,
Alexander Shishkin <alexander.shishkin@...ux.intel.com>,
Jiri Olsa <jolsa@...nel.org>, Ian Rogers <irogers@...gle.com>,
Adrian Hunter <adrian.hunter@...el.com>,
Kan Liang <kan.liang@...ux.intel.com>,
Masami Hiramatsu <mhiramat@...nel.org>,
Oleg Nesterov <oleg@...hat.com>, Juri Lelli <juri.lelli@...hat.com>,
Vincent Guittot <vincent.guittot@...aro.org>,
Dietmar Eggemann <dietmar.eggemann@....com>,
Steven Rostedt <rostedt@...dmis.org>, Ben Segall <bsegall@...gle.com>,
Mel Gorman <mgorman@...e.de>, Valentin Schneider <vschneid@...hat.com>,
Jason Gunthorpe <jgg@...pe.ca>, John Hubbard <jhubbard@...dia.com>,
Peter Xu <peterx@...hat.com>, Jann Horn <jannh@...gle.com>,
Pedro Falcato <pfalcato@...e.de>, Matthew Wilcox <willy@...radead.org>,
Mateusz Guzik <mjguzik@...il.com>, linux-s390@...r.kernel.org,
linux-kernel@...r.kernel.org, sparclinux@...r.kernel.org,
linux-fsdevel@...r.kernel.org, linux-mm@...ck.org,
linux-trace-kernel@...r.kernel.org, linux-perf-users@...r.kernel.org
Subject: Re: [PATCH 06/10] mm: update coredump logic to correctly use bitmap
mm flags
* Lorenzo Stoakes <lorenzo.stoakes@...cle.com> [250812 11:47]:
> The coredump logic is slightly different from other users in that it both
> stores mm flags and additionally sets and gets using masks.
>
> Since the MMF_DUMPABLE_* flags must remain as they are for uABI reasons,
> and of course these are within the first 32-bits of the flags, it is
> reasonable to provide access to these in the same fashion so this logic can
> all still keep working as it has been.
>
> Therefore, introduce coredump-specific helpers __mm_flags_get_dumpable()
> and __mm_flags_set_mask_dumpable() for this purpose, and update all core
> dump users of mm flags to use these.
>
> Signed-off-by: Lorenzo Stoakes <lorenzo.stoakes@...cle.com>
Reviewed-by: Liam R. Howlett <Liam.Howlett@...cle.com>
> ---
> fs/coredump.c | 4 +++-
> fs/exec.c | 2 +-
> fs/pidfs.c | 7 +++++--
> fs/proc/base.c | 8 +++++---
> include/linux/sched/coredump.h | 21 ++++++++++++++++++++-
> 5 files changed, 34 insertions(+), 8 deletions(-)
>
> diff --git a/fs/coredump.c b/fs/coredump.c
> index fedbead956ed..e5d9d6276990 100644
> --- a/fs/coredump.c
> +++ b/fs/coredump.c
> @@ -1103,8 +1103,10 @@ void vfs_coredump(const kernel_siginfo_t *siginfo)
> * We must use the same mm->flags while dumping core to avoid
> * inconsistency of bit flags, since this flag is not protected
> * by any locks.
> + *
> + * Note that we only care about MMF_DUMP* flags.
> */
> - .mm_flags = mm->flags,
> + .mm_flags = __mm_flags_get_dumpable(mm),
> .vma_meta = NULL,
> .cpu = raw_smp_processor_id(),
> };
> diff --git a/fs/exec.c b/fs/exec.c
> index 2a1e5e4042a1..dbac0e84cc3e 100644
> --- a/fs/exec.c
> +++ b/fs/exec.c
> @@ -1999,7 +1999,7 @@ void set_dumpable(struct mm_struct *mm, int value)
> if (WARN_ON((unsigned)value > SUID_DUMP_ROOT))
> return;
>
> - set_mask_bits(&mm->flags, MMF_DUMPABLE_MASK, value);
> + __mm_flags_set_mask_dumpable(mm, value);
> }
>
> SYSCALL_DEFINE3(execve,
> diff --git a/fs/pidfs.c b/fs/pidfs.c
> index edc35522d75c..5148b7646b7f 100644
> --- a/fs/pidfs.c
> +++ b/fs/pidfs.c
> @@ -357,8 +357,11 @@ static long pidfd_info(struct file *file, unsigned int cmd, unsigned long arg)
>
> if ((kinfo.mask & PIDFD_INFO_COREDUMP) && !(kinfo.coredump_mask)) {
> task_lock(task);
> - if (task->mm)
> - kinfo.coredump_mask = pidfs_coredump_mask(task->mm->flags);
> + if (task->mm) {
> + unsigned long flags = __mm_flags_get_dumpable(task->mm);
> +
> + kinfo.coredump_mask = pidfs_coredump_mask(flags);
> + }
> task_unlock(task);
> }
>
> diff --git a/fs/proc/base.c b/fs/proc/base.c
> index 62d35631ba8c..f0c093c58aaf 100644
> --- a/fs/proc/base.c
> +++ b/fs/proc/base.c
> @@ -2962,8 +2962,10 @@ static ssize_t proc_coredump_filter_read(struct file *file, char __user *buf,
> ret = 0;
> mm = get_task_mm(task);
> if (mm) {
> + unsigned long flags = __mm_flags_get_dumpable(mm);
> +
> len = snprintf(buffer, sizeof(buffer), "%08lx\n",
> - ((mm->flags & MMF_DUMP_FILTER_MASK) >>
> + ((flags & MMF_DUMP_FILTER_MASK) >>
> MMF_DUMP_FILTER_SHIFT));
> mmput(mm);
> ret = simple_read_from_buffer(buf, count, ppos, buffer, len);
> @@ -3002,9 +3004,9 @@ static ssize_t proc_coredump_filter_write(struct file *file,
>
> for (i = 0, mask = 1; i < MMF_DUMP_FILTER_BITS; i++, mask <<= 1) {
> if (val & mask)
> - set_bit(i + MMF_DUMP_FILTER_SHIFT, &mm->flags);
> + mm_flags_set(i + MMF_DUMP_FILTER_SHIFT, mm);
> else
> - clear_bit(i + MMF_DUMP_FILTER_SHIFT, &mm->flags);
> + mm_flags_clear(i + MMF_DUMP_FILTER_SHIFT, mm);
> }
>
> mmput(mm);
> diff --git a/include/linux/sched/coredump.h b/include/linux/sched/coredump.h
> index 6eb65ceed213..19ecfcceb27a 100644
> --- a/include/linux/sched/coredump.h
> +++ b/include/linux/sched/coredump.h
> @@ -2,12 +2,29 @@
> #ifndef _LINUX_SCHED_COREDUMP_H
> #define _LINUX_SCHED_COREDUMP_H
>
> +#include <linux/compiler_types.h>
> #include <linux/mm_types.h>
>
> #define SUID_DUMP_DISABLE 0 /* No setuid dumping */
> #define SUID_DUMP_USER 1 /* Dump as user of process */
> #define SUID_DUMP_ROOT 2 /* Dump as root */
>
> +static inline unsigned long __mm_flags_get_dumpable(struct mm_struct *mm)
> +{
> + /*
> + * By convention, dumpable bits are contained in first 32 bits of the
> + * bitmap, so we can simply access this first unsigned long directly.
> + */
> + return __mm_flags_get_word(mm);
> +}
> +
> +static inline void __mm_flags_set_mask_dumpable(struct mm_struct *mm, int value)
> +{
> + unsigned long *bitmap = ACCESS_PRIVATE(&mm->_flags, __mm_flags);
> +
> + set_mask_bits(bitmap, MMF_DUMPABLE_MASK, value);
> +}
> +
> extern void set_dumpable(struct mm_struct *mm, int value);
> /*
> * This returns the actual value of the suid_dumpable flag. For things
> @@ -22,7 +39,9 @@ static inline int __get_dumpable(unsigned long mm_flags)
>
> static inline int get_dumpable(struct mm_struct *mm)
> {
> - return __get_dumpable(mm->flags);
> + unsigned long flags = __mm_flags_get_dumpable(mm);
> +
> + return __get_dumpable(flags);
> }
>
> #endif /* _LINUX_SCHED_COREDUMP_H */
> --
> 2.50.1
>
Powered by blists - more mailing lists