[LTP] [PATCH 6/11] mmap/mmap12: Testcase failed when no root user run it
Jan Stancek
jstancek@redhat.com
Sat Oct 31 09:15:22 CET 2015
----- Original Message -----
> From: "Cui Bixuan" <cuibixuan@huawei.com>
> To: "Jan Stancek" <jstancek@redhat.com>
> Cc: "Cyril Hrubis" <chrubis@suse.cz>, zhuyanpeng@huawei.com, zhanyongming@huawei.com, ltp@lists.linux.it
> Sent: Saturday, 31 October, 2015 1:54:07 AM
> Subject: Re: [LTP] [PATCH 6/11] mmap/mmap12: Testcase failed when no root user run it
>
> On 2015/10/30 17:29, Jan Stancek wrote:
> >
> >
> >
> >
> > ----- Original Message -----
> >> From: "Cui Bixuan" <cuibixuan@huawei.com>
> >> To: "Cyril Hrubis" <chrubis@suse.cz>
> >> Cc: zhuyanpeng@huawei.com, zhanyongming@huawei.com, ltp@lists.linux.it
> >> Sent: Friday, 30 October, 2015 9:56:36 AM
> >> Subject: Re: [LTP] [PATCH 6/11] mmap/mmap12: Testcase failed when no root
> >> user run it
> >>
> >> On 2015/10/29 19:57, Cyril Hrubis wrote:
> >>> Hi!
> >>>> Add tst_require_root() to testcase for open /proc/self/pagemap file.
> >>>
> >>> On my machines the /proc/self/pagemap is readable by the process (it's
> >>> owned by the user that has started the program).
> >>>
> >>> What is output of ls -l /proc/self/pagemap on your machine?
> >> I look my system and others:
> >> 1) SUSE SP2: 3.0.13-0.27-default (uname -a); test PASS; -r--r--r-- 1 root
> >> root 0 Oct 30 16:13 /proc/self/pagemap
> >> 2) Ubuntu: 3.13.0-32-generic; test PASS; -r--r--r--. 1
> >> cuibixuan cuibixuan 0 10月 30 16:19 /proc/self/pagemap
> >> 3) SUSE: 4.2.0-0.11-default; test FAIL; -r-------- 1 root
> >> root 0 Nov 13 01:39 /proc/self/pagemap
> >> 4) arm64: linux 4.1.6; test FAIL; -r-------- 1 root
> >> root 0 Jan 18 01:53 /proc/self/pagemap
> >>
> >> Maybe the higher version of the kernel change the file attributes
> >> of /proc/self/pagemap, I think.
> >
> > commit 32ed74a4b968a4faff7aaaff557035ce5d5e70ab
> > Author: Djalal Harouni <tixxdz@opendz.org>
> > Date: Mon Apr 7 15:38:38 2014 -0700
> >
> > procfs: make /proc/*/pagemap 0400
> >
> > The /proc/*/pagemap contain sensitive information and currently its
> > mode
> > is 0444. Change this to 0400, so the VFS will prevent unprivileged
> > processes from getting file descriptors on arbitrary privileged
> > /proc/*/pagemap files.
> >
> > but that doesn't explain why process can't read its own pagemap.
> > For 3) and 4): Did you run that as unprivileged user or as a root?
> >
Looks like the EPERM is from this patch, which disabled reading for non-privileged users:
commit ab676b7d6fbf4b294bf198fb27ade5b0e865c7ce
Author: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Date: Mon Mar 9 23:11:12 2015 +0200
pagemap: do not leak physical addresses to non-privileged userspace
it was later removed in:
commit 1c90308e7a77af6742a97d1021cca923b23b7f0d
Author: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
Date: Tue Sep 8 15:00:07 2015 -0700
pagemap: hide physical addresses from non-privileged users
So I'm thinking that we should check "if euid != 0 and opening pagemap gives EPERM",
then quit with TCONF.
Regards,
Jan
>
> > Regards,
> > Jan
> >
> >>
> >> But I read the Documentation/vm/pagemap.txt and look at the source code in
> >> kernel,
> >> can't get it. :-(
> >>
> >> Someone help?
> >>>
> >>
> >>
> >> --
> >> Mailing list info: http://lists.linux.it/listinfo/ltp
> >>
> >
> > .
> >
>
>
More information about the Ltp
mailing list