From: ebiederm@xmission.com (Eric W. Biederman)
To: Alexey Dobriyan <adobriyan@gmail.com>
Cc: Andrew Morton <akpm@linux-foundation.org>,
Chris Down <chris@chrisdown.name>,
Johannes Weiner <hannes@cmpxchg.org>,
linux-mm@kvack.org, linux-kernel@vger.kernel.org,
kernel-team@fb.com
Subject: Re: [PATCH] kernel: sysctl: make drop_caches write-only
Date: Sun, 03 Nov 2019 13:00:36 -0600 [thread overview]
Message-ID: <8736f4g4yz.fsf@x220.int.ebiederm.org> (raw)
In-Reply-To: <20191102155536.GA10251@avx2> (Alexey Dobriyan's message of "Sat, 2 Nov 2019 18:55:36 +0300")
Alexey Dobriyan <adobriyan@gmail.com> writes:
> On Fri, Nov 01, 2019 at 12:35:44PM -0700, Andrew Morton wrote:
>> On Fri, 1 Nov 2019 12:29:20 -0700 Andrew Morton <akpm@linux-foundation.org> wrote:
>>
>> > > Either change is an upgrade from the current situation, at least. I prefer
>> > > towards whatever makes the API the least confusing, which appears to be
>> > > Johannes' original change, but I'd support a patch which always set it to
>> > > 0 instead if it was deemed safer.
>> >
>> > On the other hand.. As I mentioned earlier, if someone's code is
>> > failing because of the permissions change, they can chmod
>> > /proc/sys/vm/drop_caches at boot time and be happy. They have no such
>> > workaround if their software misbehaves due to a read always returning
>> > "0".
>>
>> I lied. I can chmod things in /proc but I can't chmod things in
>> /proc/sys/vm. Huh, why did we do that?
>
> To conserve memory! It was in 2007.
> For the record I support 0200 on vm.drop_caches.
>
> commit 77b14db502cb85a031fe8fde6c85d52f3e0acb63
> [PATCH] sysctl: reimplement the sysctl proc support
>
> +static int proc_sys_setattr(struct dentry *dentry, struct iattr *attr)
> +{
> + struct inode *inode = dentry->d_inode;
> + int error;
> +
> + if (attr->ia_valid & (ATTR_MODE | ATTR_UID | ATTR_GID))
> + return -EPERM;
Almost.
The rewrite was both to concerve memory and to support the network
namespace. Which required a different view of proc files.
But in this case we have always unconditionally called sysctl_perm. The
change above at best removed a layer of obfuscation that made it look
like some other permission check was being honored.
Eric
next prev parent reply other threads:[~2019-11-03 19:00 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-31 22:16 [PATCH] kernel: sysctl: make drop_caches write-only Johannes Weiner
2019-10-31 23:28 ` Andrew Morton
2019-11-01 11:09 ` Chris Down
2019-11-01 11:09 ` Chris Down
2019-11-01 14:45 ` Johannes Weiner
2019-11-01 18:59 ` Andrew Morton
2019-11-01 19:24 ` Chris Down
2019-11-01 19:29 ` Andrew Morton
2019-11-01 19:35 ` Andrew Morton
2019-11-02 15:55 ` Alexey Dobriyan
2019-11-03 19:00 ` Eric W. Biederman [this message]
2019-11-01 10:58 ` Chris Down
2019-11-04 10:37 ` David Hildenbrand
2019-11-04 13:25 ` Vlastimil Babka
2019-11-05 6:20 ` Michal Hocko
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=8736f4g4yz.fsf@x220.int.ebiederm.org \
--to=ebiederm@xmission.com \
--cc=adobriyan@gmail.com \
--cc=akpm@linux-foundation.org \
--cc=chris@chrisdown.name \
--cc=hannes@cmpxchg.org \
--cc=kernel-team@fb.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).