summaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorKawai, Hidehiro <hidehiro.kawai.ez@hitachi.com>2007-07-19 10:48:26 +0200
committerLinus Torvalds <torvalds@woody.linux-foundation.org>2007-07-19 19:04:46 +0200
commit76fdbb25f963de5dc1e308325f0578a2f92b1c2d (patch)
treece54ba0dc9e6d45dfe6bccfc6a663628f7734843 /security
parentdocbook: don't reference file without kernel-doc (diff)
downloadlinux-76fdbb25f963de5dc1e308325f0578a2f92b1c2d.tar.xz
linux-76fdbb25f963de5dc1e308325f0578a2f92b1c2d.zip
coredump masking: bound suid_dumpable sysctl
This patch series is version 5 of the core dump masking feature, which controls which VMAs should be dumped based on their memory types and per-process flags. I adopted most of Andrew's suggestion at the previous version. He also suggested using system call instead of /proc/<pid>/ interface, I decided to use the latter continuously because adding new system call with pid argument will give a big impact on the kernel. You can access the per-process flags via /proc/<pid>/coredump_filter interface. coredump_filter represents a bitmask of memory types, and if a bit is set, VMAs of corresponding memory type are written into a core file when the process is dumped. The bitmask is inherited from the parent process when a process is created. The original purpose is to avoid longtime system slowdown when a number of processes which share a huge shared memory are dumped at the same time. To achieve this purpose, this patch series adds an ability to suppress dumping anonymous shared memory for specified processes. In this version, three other memory types are also supported. Here are the coredump_filter bits: bit 0: anonymous private memory bit 1: anonymous shared memory bit 2: file-backed private memory bit 3: file-backed shared memory The default value of coredump_filter is 0x3. This means the new core dump routine has the same behavior as conventional behavior by default. In this version, coredump_filter bits and mm.dumpable are merged into mm.flags, and it is accessed by atomic bitops. The supported core file formats are ELF and ELF-FDPIC. ELF has been tested, but ELF-FDPIC has not been built and tested because I don't have the test environment. This patch limits a value of suid_dumpable sysctl to the range of 0 to 2. Signed-off-by: Hidehiro Kawai <hidehiro.kawai.ez@hitachi.com> Cc: Alan Cox <alan@lxorguk.ukuu.org.uk> Cc: David Howells <dhowells@redhat.com> Cc: Hugh Dickins <hugh@veritas.com> Cc: Nick Piggin <nickpiggin@yahoo.com.au> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'security')
0 files changed, 0 insertions, 0 deletions