From: Andrew Morton <akpm@linux-foundation.org>
To: akpm@linux-foundation.org, anil.s.keshavamurthy@intel.com,
christian.brauner@ubuntu.com, crope@iki.fi, davem@davemloft.net,
ebiederm@xmission.com, ebiggers@google.com,
keescook@chromium.org, kernel@tuxforce.de, linux-mm@kvack.org,
mcgrof@kernel.org, mhiramat@kernel.org,
mm-commits@vger.kernel.org, naveen.n.rao@linux.ibm.com,
nixiaoming@huawei.com, steve@sk2.org,
torvalds@linux-foundation.org, viro@zeniv.linux.org.uk,
yzaikin@google.com
Subject: [patch 40/69] fs/coredump: move coredump sysctls into its own file
Date: Fri, 21 Jan 2022 22:13:38 -0800 [thread overview]
Message-ID: <20220122061338.5zX8ZkJkF%akpm@linux-foundation.org> (raw)
In-Reply-To: <20220121221021.60533b009c357d660791476e@linux-foundation.org>
From: Xiaoming Ni <nixiaoming@huawei.com>
Subject: fs/coredump: move coredump sysctls into its own file
This moves the fs/coredump.c respective sysctls to its own file.
Link: https://lkml.kernel.org/r/20211129211943.640266-6-mcgrof@kernel.org
Signed-off-by: Xiaoming Ni <nixiaoming@huawei.com>
Signed-off-by: Luis Chamberlain <mcgrof@kernel.org>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Anil S Keshavamurthy <anil.s.keshavamurthy@intel.com>
Cc: Antti Palosaari <crope@iki.fi>
Cc: Christian Brauner <christian.brauner@ubuntu.com>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: Eric Biederman <ebiederm@xmission.com>
Cc: Eric Biggers <ebiggers@google.com>
Cc: Iurii Zaikin <yzaikin@google.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Lukas Middendorf <kernel@tuxforce.de>
Cc: Masami Hiramatsu <mhiramat@kernel.org>
Cc: "Naveen N. Rao" <naveen.n.rao@linux.ibm.com>
Cc: Stephen Kitt <steve@sk2.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
---
fs/coredump.c | 66 ++++++++++++++++++++++++++++++++++---
fs/exec.c | 55 ------------------------------
include/linux/coredump.h | 10 +++--
kernel/sysctl.c | 2 -
4 files changed, 67 insertions(+), 66 deletions(-)
--- a/fs/coredump.c~fs-coredump-move-coredump-sysctls-into-its-own-file
+++ a/fs/coredump.c
@@ -41,6 +41,7 @@
#include <linux/fs.h>
#include <linux/path.h>
#include <linux/timekeeping.h>
+#include <linux/sysctl.h>
#include <linux/uaccess.h>
#include <asm/mmu_context.h>
@@ -52,9 +53,9 @@
#include <trace/events/sched.h>
-int core_uses_pid;
-unsigned int core_pipe_limit;
-char core_pattern[CORENAME_MAX_SIZE] = "core";
+static int core_uses_pid;
+static unsigned int core_pipe_limit;
+static char core_pattern[CORENAME_MAX_SIZE] = "core";
static int core_name_size = CORENAME_MAX_SIZE;
struct core_name {
@@ -62,8 +63,6 @@ struct core_name {
int used, size;
};
-/* The maximal length of core_pattern is also specified in sysctl.c */
-
static int expand_corename(struct core_name *cn, int size)
{
char *corename = krealloc(cn->corename, size, GFP_KERNEL);
@@ -893,6 +892,63 @@ int dump_align(struct coredump_params *c
}
EXPORT_SYMBOL(dump_align);
+#ifdef CONFIG_SYSCTL
+
+void validate_coredump_safety(void)
+{
+ if (suid_dumpable == SUID_DUMP_ROOT &&
+ core_pattern[0] != '/' && core_pattern[0] != '|') {
+ pr_warn(
+"Unsafe core_pattern used with fs.suid_dumpable=2.\n"
+"Pipe handler or fully qualified core dump path required.\n"
+"Set kernel.core_pattern before fs.suid_dumpable.\n"
+ );
+ }
+}
+
+static int proc_dostring_coredump(struct ctl_table *table, int write,
+ void *buffer, size_t *lenp, loff_t *ppos)
+{
+ int error = proc_dostring(table, write, buffer, lenp, ppos);
+
+ if (!error)
+ validate_coredump_safety();
+ return error;
+}
+
+static struct ctl_table coredump_sysctls[] = {
+ {
+ .procname = "core_uses_pid",
+ .data = &core_uses_pid,
+ .maxlen = sizeof(int),
+ .mode = 0644,
+ .proc_handler = proc_dointvec,
+ },
+ {
+ .procname = "core_pattern",
+ .data = core_pattern,
+ .maxlen = CORENAME_MAX_SIZE,
+ .mode = 0644,
+ .proc_handler = proc_dostring_coredump,
+ },
+ {
+ .procname = "core_pipe_limit",
+ .data = &core_pipe_limit,
+ .maxlen = sizeof(unsigned int),
+ .mode = 0644,
+ .proc_handler = proc_dointvec,
+ },
+ { }
+};
+
+static int __init init_fs_coredump_sysctls(void)
+{
+ register_sysctl_init("kernel", coredump_sysctls);
+ return 0;
+}
+fs_initcall(init_fs_coredump_sysctls);
+#endif /* CONFIG_SYSCTL */
+
/*
* The purpose of always_dump_vma() is to make sure that special kernel mappings
* that are useful for post-mortem analysis are included in every core dump.
--- a/fs/exec.c~fs-coredump-move-coredump-sysctls-into-its-own-file
+++ a/fs/exec.c
@@ -2103,20 +2103,6 @@ COMPAT_SYSCALL_DEFINE5(execveat, int, fd
#ifdef CONFIG_SYSCTL
-static void validate_coredump_safety(void)
-{
-#ifdef CONFIG_COREDUMP
- if (suid_dumpable == SUID_DUMP_ROOT &&
- core_pattern[0] != '/' && core_pattern[0] != '|') {
- pr_warn(
-"Unsafe core_pattern used with fs.suid_dumpable=2.\n"
-"Pipe handler or fully qualified core dump path required.\n"
-"Set kernel.core_pattern before fs.suid_dumpable.\n"
- );
- }
-#endif
-}
-
static int proc_dointvec_minmax_coredump(struct ctl_table *table, int write,
void *buffer, size_t *lenp, loff_t *ppos)
{
@@ -2140,50 +2126,9 @@ static struct ctl_table fs_exec_sysctls[
{ }
};
-#ifdef CONFIG_COREDUMP
-
-static int proc_dostring_coredump(struct ctl_table *table, int write,
- void *buffer, size_t *lenp, loff_t *ppos)
-{
- int error = proc_dostring(table, write, buffer, lenp, ppos);
-
- if (!error)
- validate_coredump_safety();
- return error;
-}
-
-static struct ctl_table kernel_exec_sysctls[] = {
- {
- .procname = "core_uses_pid",
- .data = &core_uses_pid,
- .maxlen = sizeof(int),
- .mode = 0644,
- .proc_handler = proc_dointvec,
- },
- {
- .procname = "core_pattern",
- .data = core_pattern,
- .maxlen = CORENAME_MAX_SIZE,
- .mode = 0644,
- .proc_handler = proc_dostring_coredump,
- },
- {
- .procname = "core_pipe_limit",
- .data = &core_pipe_limit,
- .maxlen = sizeof(unsigned int),
- .mode = 0644,
- .proc_handler = proc_dointvec,
- },
- { }
-};
-#endif
-
static int __init init_fs_exec_sysctls(void)
{
register_sysctl_init("fs", fs_exec_sysctls);
-#ifdef CONFIG_COREDUMP
- register_sysctl_init("kernel", kernel_exec_sysctls);
-#endif
return 0;
}
--- a/include/linux/coredump.h~fs-coredump-move-coredump-sysctls-into-its-own-file
+++ a/include/linux/coredump.h
@@ -14,10 +14,6 @@ struct core_vma_metadata {
unsigned long dump_size;
};
-extern int core_uses_pid;
-extern char core_pattern[];
-extern unsigned int core_pipe_limit;
-
/*
* These are the only things you should do on a core-file: use only these
* functions to write out all the necessary info.
@@ -37,4 +33,10 @@ extern void do_coredump(const kernel_sig
static inline void do_coredump(const kernel_siginfo_t *siginfo) {}
#endif
+#if defined(CONFIG_COREDUMP) && defined(CONFIG_SYSCTL)
+extern void validate_coredump_safety(void);
+#else
+static inline void validate_coredump_safety(void) {}
+#endif
+
#endif /* _LINUX_COREDUMP_H */
--- a/kernel/sysctl.c~fs-coredump-move-coredump-sysctls-into-its-own-file
+++ a/kernel/sysctl.c
@@ -62,12 +62,10 @@
#include <linux/capability.h>
#include <linux/binfmts.h>
#include <linux/sched/sysctl.h>
-#include <linux/sched/coredump.h>
#include <linux/kexec.h>
#include <linux/bpf.h>
#include <linux/mount.h>
#include <linux/userfaultfd_k.h>
-#include <linux/coredump.h>
#include <linux/latencytop.h>
#include <linux/pid.h>
#include <linux/delayacct.h>
_
next prev parent reply other threads:[~2022-01-22 6:13 UTC|newest]
Thread overview: 81+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-01-22 6:10 incoming Andrew Morton
2022-01-22 6:10 ` [patch 01/69] mm/migrate.c: rework migration_entry_wait() to not take a pageref Andrew Morton
2022-01-22 6:10 ` [patch 02/69] sysctl: add a new register_sysctl_init() interface Andrew Morton
2022-01-22 6:10 ` [patch 03/69] sysctl: move some boundary constants from sysctl.c to sysctl_vals Andrew Morton
2022-01-22 6:11 ` [patch 04/69] hung_task: move hung_task sysctl interface to hung_task.c Andrew Morton
2022-01-22 6:11 ` [patch 05/69] watchdog: move watchdog sysctl interface to watchdog.c Andrew Morton
2022-01-22 6:11 ` [patch 06/69] sysctl: make ngroups_max const Andrew Morton
2022-01-22 6:11 ` [patch 07/69] sysctl: use const for typically used max/min proc sysctls Andrew Morton
2022-01-22 6:11 ` [patch 08/69] sysctl: use SYSCTL_ZERO to replace some static int zero uses Andrew Morton
2022-01-22 6:11 ` [patch 09/69] aio: move aio sysctl to aio.c Andrew Morton
2022-01-22 6:11 ` [patch 10/69] dnotify: move dnotify sysctl to dnotify.c Andrew Morton
2022-01-22 6:11 ` [patch 11/69] hpet: simplify subdirectory registration with register_sysctl() Andrew Morton
2022-01-22 6:11 ` [patch 12/69] i915: " Andrew Morton
2022-01-22 6:11 ` [patch 13/69] macintosh/mac_hid.c: " Andrew Morton
2022-01-22 6:11 ` [patch 14/69] ocfs2: " Andrew Morton
2022-01-22 6:11 ` [patch 15/69] test_sysctl: " Andrew Morton
2022-01-22 6:11 ` [patch 16/69] inotify: " Andrew Morton
2022-01-22 6:12 ` [patch 17/69] cdrom: " Andrew Morton
2022-01-22 6:12 ` [patch 18/69] eventpoll: simplify sysctl declaration " Andrew Morton
2022-01-22 6:12 ` [patch 19/69] firmware_loader: move firmware sysctl to its own files Andrew Morton
2022-01-22 6:12 ` [patch 20/69] random: move the random sysctl declarations to its own file Andrew Morton
2022-01-22 6:12 ` [patch 21/69] sysctl: add helper to register a sysctl mount point Andrew Morton
2022-01-22 6:12 ` [patch 22/69] fs: move binfmt_misc sysctl to its own file Andrew Morton
2022-02-07 13:27 ` [PATCH] Fix regression due to "fs: move binfmt_misc sysctl to its own file" Domenico Andreoli
2022-02-07 21:46 ` Luis Chamberlain
2022-02-07 22:53 ` Tong Zhang
2022-02-08 17:20 ` Luis Chamberlain
2022-02-09 7:31 ` Domenico Andreoli
2022-02-09 7:49 ` [PATCH v2] " Domenico Andreoli
2022-02-09 7:55 ` Tong Zhang
2022-02-13 15:34 ` Ido Schimmel
2022-02-13 21:10 ` Tong Zhang
2022-02-14 7:47 ` Ido Schimmel
2022-02-08 6:46 ` [PATCH] " Thorsten Leemhuis
2022-01-22 6:12 ` [patch 23/69] printk: move printk sysctl to printk/sysctl.c Andrew Morton
2022-01-22 6:12 ` [patch 24/69] scsi/sg: move sg-big-buff sysctl to scsi/sg.c Andrew Morton
2022-01-22 6:12 ` [patch 25/69] stackleak: move stack_erasing sysctl to stackleak.c Andrew Morton
2022-01-22 6:12 ` [patch 26/69] sysctl: share unsigned long const values Andrew Morton
2022-01-22 6:12 ` [patch 27/69] fs: move inode sysctls to its own file Andrew Morton
2022-01-22 6:12 ` [patch 28/69] fs: move fs stat sysctls to file_table.c Andrew Morton
2022-01-22 6:12 ` [patch 29/69] fs: move dcache sysctls to its own file Andrew Morton
2022-01-22 6:13 ` [patch 30/69] sysctl: move maxolduid as a sysctl specific const Andrew Morton
2022-01-22 6:13 ` [patch 31/69] fs: move shared sysctls to fs/sysctls.c Andrew Morton
2022-01-22 6:13 ` [patch 32/69] fs: move locking sysctls where they are used Andrew Morton
2022-01-22 6:13 ` [patch 33/69] fs: move namei sysctls to its own file Andrew Morton
2022-01-22 6:13 ` [patch 34/69] fs: move fs/exec.c sysctls into " Andrew Morton
2022-01-22 6:13 ` [patch 35/69] fs: move pipe sysctls to is " Andrew Morton
2022-01-22 6:13 ` [patch 36/69] sysctl: add and use base directory declarer and registration helper Andrew Morton
2022-01-22 6:13 ` [patch 37/69] fs: move namespace sysctls and declare fs base directory Andrew Morton
2022-01-22 6:13 ` [patch 38/69] kernel/sysctl.c: rename sysctl_init() to sysctl_init_bases() Andrew Morton
2022-01-22 6:13 ` [patch 39/69] printk: fix build warning when CONFIG_PRINTK=n Andrew Morton
2022-01-22 6:13 ` Andrew Morton [this message]
2022-01-22 6:13 ` [patch 41/69] kprobe: move sysctl_kprobes_optimization to kprobes.c Andrew Morton
2022-01-22 6:13 ` [patch 42/69] kernel/sysctl.c: remove unused variable ten_thousand Andrew Morton
2022-01-22 6:13 ` [patch 43/69] sysctl: returns -EINVAL when a negative value is passed to proc_doulongvec_minmax Andrew Morton
2022-01-22 6:13 ` [patch 44/69] zsmalloc: introduce some helper functions Andrew Morton
2022-01-22 6:13 ` [patch 45/69] zsmalloc: rename zs_stat_type to class_stat_type Andrew Morton
2022-01-22 6:13 ` [patch 46/69] zsmalloc: decouple class actions from zspage works Andrew Morton
2022-01-22 6:14 ` [patch 47/69] zsmalloc: introduce obj_allocated Andrew Morton
2022-01-22 6:14 ` [patch 48/69] zsmalloc: move huge compressed obj from page to zspage Andrew Morton
2022-01-22 6:14 ` [patch 49/69] zsmalloc: remove zspage isolation for migration Andrew Morton
2022-01-22 6:14 ` [patch 50/69] locking/rwlocks: introduce write_lock_nested Andrew Morton
2022-01-22 6:14 ` [patch 51/69] zsmalloc: replace per zpage lock with pool->migrate_lock Andrew Morton
2022-01-22 6:14 ` [patch 52/69] zsmalloc: replace get_cpu_var with local_lock Andrew Morton
2022-01-22 6:14 ` [patch 53/69] fs: proc: store PDE()->data into inode->i_private Andrew Morton
2022-01-22 6:14 ` [patch 54/69] proc: remove PDE_DATA() completely Andrew Morton
2022-01-22 6:14 ` [patch 55/69] lib/stackdepot: allow optional init and stack_table allocation by kvmalloc() Andrew Morton
2022-01-22 6:14 ` [patch 56/69] lib/stackdepot: always do filter_irq_stacks() in stack_depot_save() Andrew Morton
2022-01-22 6:14 ` [patch 57/69] mm: remove cleancache Andrew Morton
2022-01-22 6:14 ` [patch 58/69] frontswap: remove frontswap_writethrough Andrew Morton
2022-01-22 6:14 ` [patch 59/69] frontswap: remove frontswap_tmem_exclusive_gets Andrew Morton
2022-01-22 6:14 ` [patch 60/69] frontswap: remove frontswap_shrink Andrew Morton
2022-01-22 6:14 ` [patch 61/69] frontswap: remove frontswap_curr_pages Andrew Morton
2022-01-22 6:14 ` [patch 62/69] frontswap: simplify frontswap_init Andrew Morton
2022-01-22 6:14 ` [patch 63/69] frontswap: remove the frontswap exports Andrew Morton
2022-01-22 6:14 ` [patch 64/69] mm: simplify try_to_unuse Andrew Morton
2022-01-22 6:15 ` [patch 65/69] frontswap: remove frontswap_test Andrew Morton
2022-01-22 6:15 ` [patch 66/69] frontswap: simplify frontswap_register_ops Andrew Morton
2022-01-22 6:15 ` [patch 67/69] mm: mark swap_lock and swap_active_head static Andrew Morton
2022-01-22 6:15 ` [patch 68/69] frontswap: remove support for multiple ops Andrew Morton
2022-01-22 6:15 ` [patch 69/69] mm: hide the FRONTSWAP Kconfig symbol Andrew Morton
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220122061338.5zX8ZkJkF%akpm@linux-foundation.org \
--to=akpm@linux-foundation.org \
--cc=anil.s.keshavamurthy@intel.com \
--cc=christian.brauner@ubuntu.com \
--cc=crope@iki.fi \
--cc=davem@davemloft.net \
--cc=ebiederm@xmission.com \
--cc=ebiggers@google.com \
--cc=keescook@chromium.org \
--cc=kernel@tuxforce.de \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=mcgrof@kernel.org \
--cc=mhiramat@kernel.org \
--cc=mm-commits@vger.kernel.org \
--cc=naveen.n.rao@linux.ibm.com \
--cc=nixiaoming@huawei.com \
--cc=steve@sk2.org \
--cc=torvalds@linux-foundation.org \
--cc=viro@zeniv.linux.org.uk \
--cc=yzaikin@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).