Date: Fri, 26 Apr 2024 04:25:40 +0100
From: Matthew Wilcox
To: Kent Overstreet
Cc: Kees Cook, Andrew Morton, Suren Baghdasaryan, linux-mm@kvack.org, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org
Subject: Re: [PATCH] alloc_tag: Tighten file permissions on /proc/allocinfo

On Thu, Apr 25, 2024 at 08:58:34PM -0400, Kent Overstreet wrote:
> On Thu, Apr 25, 2024 at 05:43:33PM -0700, Kees Cook wrote:
> > All this said, I'm still not excited about any of these files living
> > in /proc at all -- we were supposed to use /sys for this kind of thing,
> > but its interface wasn't great for this kind of more "free-form" data,
> > and debugfs isn't good for production interfaces. /proc really should
> > only have pid information -- we end up exposing these top-level files to
> > every mount namespace with a /proc mount. :( But that's a yet-to-be-solved
> > problem...
>
> It really wouldn't be that hard to relax the 4k file limit in sysfs.

It's a lot harder to relax the GregKH opposition to multiple values
per file in sysfs.