From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-8.8 required=3.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,MAILING_LIST_MULTI, SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5F411C11F68 for ; Fri, 2 Jul 2021 14:54:16 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id BD19061420 for ; Fri, 2 Jul 2021 14:54:15 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org BD19061420 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=ubuntu.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id E842A6B0011; Fri, 2 Jul 2021 10:54:14 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id E0D1D6B0036; Fri, 2 Jul 2021 10:54:14 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id C87156B005D; Fri, 2 Jul 2021 10:54:14 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0231.hostedemail.com [216.40.44.231]) by kanga.kvack.org (Postfix) with ESMTP id 9E76B6B0011 for ; Fri, 2 Jul 2021 10:54:14 -0400 (EDT) Received: from smtpin25.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay03.hostedemail.com (Postfix) with ESMTP id 428EC80222EC for ; Fri, 2 Jul 2021 14:54:14 +0000 (UTC) X-FDA: 78317943228.25.784D2F6 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by imf30.hostedemail.com (Postfix) with ESMTP id C4ED2E00304E for ; Fri, 2 Jul 2021 14:54:13 +0000 (UTC) Received: by mail.kernel.org (Postfix) with ESMTPSA id 8B2746140C; Fri, 2 Jul 2021 14:54:06 +0000 (UTC) Date: Fri, 2 Jul 2021 16:54:03 +0200 From: Christian Brauner To: Andrew Morton Cc: adobriyan@gmail.com, avagin@gmail.com, bernd.edlinger@hotmail.de, christian.koenig@amd.com, corbet@lwn.net, deller@gmx.de, ebiederm@xmission.com, gladkov.alexey@gmail.com, hridya@google.com, jamorris@linux.microsoft.com, jannh@google.com, jeffv@google.com, kaleshsingh@google.com, keescook@chromium.org, linux-mm@kvack.org, mchehab+huawei@kernel.org, mhocko@suse.com, minchan@kernel.org, mm-commits@vger.kernel.org, rdunlap@infradead.org, surenb@google.com, szabolcs.nagy@arm.com, torvalds@linux-foundation.org, viro@zeniv.linux.org.uk, walken@google.com, willy@infradead.org Subject: Re: [patch 142/192] procfs: allow reading fdinfo with PTRACE_MODE_READ Message-ID: <20210702145403.asuwl5mmvyxhzs5o@wittgenstein> References: <20210630184624.9ca1937310b0dd5ce66b30e7@linux-foundation.org> <20210701015444.ZOZaFPX0b%akpm@linux-foundation.org> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <20210701015444.ZOZaFPX0b%akpm@linux-foundation.org> Authentication-Results: imf30.hostedemail.com; dkim=none; dmarc=none; spf=pass (imf30.hostedemail.com: domain of "SRS0=EvQe=L2=ubuntu.com=christian.brauner@kernel.org" designates 198.145.29.99 as permitted sender) smtp.mailfrom="SRS0=EvQe=L2=ubuntu.com=christian.brauner@kernel.org" X-Stat-Signature: c46x1ibj4k8gzgtq3nyiwgwgrndapi7u X-Rspamd-Queue-Id: C4ED2E00304E X-Rspamd-Server: rspam06 X-HE-Tag: 1625237653-798511 Content-Transfer-Encoding: quoted-printable X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Wed, Jun 30, 2021 at 06:54:44PM -0700, Andrew Morton wrote: > From: Kalesh Singh > Subject: procfs: allow reading fdinfo with PTRACE_MODE_READ >=20 > Android captures per-process system memory state when certain low memor= y > events (e.g a foreground app kill) occur, to identify potential memory > hoggers. In order to measure how much memory a process actually consum= es, > it is necessary to include the DMA buffer sizes for that process in the > memory accounting. Since the handle to DMA buffers are raw FDs, it is > important to be able to identify which processes have FD references to = a > DMA buffer. >=20 > Currently, DMA buffer FDs can be accounted using /proc//fd/* and > /proc//fdinfo -- both are only readable by the process owner, as > follows: >=20 > 1. Do a readlink on each FD. > 2. If the target path begins with "/dmabuf", then the FD is a dmabuf = FD. > 3. stat the file to get the dmabuf inode number. > 4. Read/ proc//fdinfo/, to get the DMA buffer size. >=20 > Accessing other processes' fdinfo requires root privileges. This limit= s > the use of the interface to debugging environments and is not suitable = for > production builds. Granting root privileges even to a system process > increases the attack surface and is highly undesirable. >=20 > Since fdinfo doesn't permit reading process memory and manipulating > process state, allow accessing fdinfo under PTRACE_MODE_READ_FSCRED. >=20 > Link: https://lkml.kernel.org/r/20210308170651.919148-1-kaleshsingh@goo= gle.com > Signed-off-by: Kalesh Singh > Suggested-by: Jann Horn > Acked-by: Christian K=C3=B6nig > Cc: Alexander Viro > Cc: Alexey Dobriyan > Cc: Alexey Gladkov > Cc: Andrei Vagin > Cc: Bernd Edlinger > Cc: Christian Brauner > Cc: Eric W. Biederman > Cc: Helge Deller > Cc: Hridya Valsaraju > Cc: James Morris > Cc: Jeff Vander Stoep > Cc: Jonathan Corbet > Cc: Kees Cook > Cc: Matthew Wilcox > Cc: Mauro Carvalho Chehab > Cc: Michal Hocko > Cc: Michel Lespinasse > Cc: Minchan Kim > Cc: Randy Dunlap > Cc: Suren Baghdasaryan > Cc: Szabolcs Nagy > Signed-off-by: Andrew Morton > --- Rather useful (also for CRIU and others). Acked-by: Christian Brauner