Date: Fri, 26 Apr 2024 10:34:03 +0200
From: Pavel Machek
To: Matthew Wilcox
Cc: Kent Overstreet, Kees Cook, Andrew Morton, Suren Baghdasaryan, linux-mm@kvack.org, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org
Subject: Re: [PATCH] alloc_tag: Tighten file permissions on /proc/allocinfo

On Fri 2024-04-26 04:25:40, Matthew Wilcox wrote:
> On Thu, Apr 25, 2024 at 08:58:34PM -0400, Kent Overstreet wrote:
> > On Thu, Apr 25, 2024 at 05:43:33PM -0700, Kees Cook wrote:
> > > All this said, I'm still not excited about any of these files living
> > > in /proc at all -- we were supposed to use /sys for this kind of thing,
> > > but its interface wasn't great for this kind of more "free-form" data,
> > > and debugfs isn't good for production interfaces. /proc really should
> > > only have pid information -- we end up exposing these top-level files to
> > > every mount namespace with a /proc mount. :( But that's a yet-to-be-solved
> > > problem...
> >
> > It really wouldn't be that hard to relax the 4k file limit in sysfs.
>
> It's a lot harder to relax the GregKH opposition to multiple values per
> file in sysfs.

With all the "vulnerability" files including multiple-files with English
text, you may be able to renegotiate that :-).

Joking, really the vulnerability files should be fixed.
Pavel
--
People of Russia, stop Putin before his war on Ukraine escalates.