[PATCH 3/3] coredump: re-implement suid_dumpable using a flag

[Eugene Teo]

Hidehiro-san re-implemented suid_dumpable using a pair of bit flags. But
since we no longer permitting users to call prctl(PR_SET_DUMPABLE, 2),
there is no need to waste a bit of mm_struct.flags for something that will
never be used.

Signed-off-by: Eugene Teo <eugeneteo@xxxxxxxxx>
---
 fs/exec.c             |   42 +++++-------------------------------------
 include/linux/sched.h |   13 ++++++-------
 2 files changed, 11 insertions(+), 44 deletions(-)

diff --git a/fs/exec.c b/fs/exec.c
index 60b4080..0f30b94 100644
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -1666,53 +1666,21 @@ fail:
 }
 
 /*
- * set_dumpable converts traditional three-value dumpable to two flags and
- * stores them into mm->flags.  It modifies lower two bits of mm->flags, but
- * these bits are not changed atomically.  So get_dumpable can observe the
- * intermediate state.  To avoid doing unexpected behavior, get get_dumpable
- * return either old dumpable or new one by paying attention to the order of
- * modifying the bits.
- *
- * dumpable |   mm->flags (binary)
- * old  new | initial interim  final
- * ---------+-----------------------
- *  0    1  |   00      01      01
- *  0    2  |   00      10(*)   11
- *  1    0  |   01      00      00
- *  1    2  |   01      11      11
- *  2    0  |   11      10(*)   00
- *  2    1  |   11      11      01
- *
- * (*) get_dumpable regards interim value of 10 as 11.
+ * set_dumpable converts traditional two-value dumpable to one flag and
+ * stores it in mm->flags. It modifies the lower bit of mm->flags.
  */
 void set_dumpable(struct mm_struct *mm, int value)
 {
-	switch (value) {
-	case 0:
+	if (value == 0)
 		clear_bit(MMF_DUMPABLE, &mm->flags);
-		smp_wmb();
-		clear_bit(MMF_DUMP_SECURELY, &mm->flags);
-		break;
-	case 1:
-		set_bit(MMF_DUMPABLE, &mm->flags);
-		smp_wmb();
-		clear_bit(MMF_DUMP_SECURELY, &mm->flags);
-		break;
-	case 2:
-		set_bit(MMF_DUMP_SECURELY, &mm->flags);
-		smp_wmb();
+	else if (value == 1)
 		set_bit(MMF_DUMPABLE, &mm->flags);
-		break;
-	}
 }
 EXPORT_SYMBOL_GPL(set_dumpable);
 
 int get_dumpable(struct mm_struct *mm)
 {
-	int ret;
-
-	ret = mm->flags & 0x3;
-	return (ret >= 2) ? 2 : ret;
+	return (mm->flags & 0x1);
 }
 
 int do_coredump(long signr, int exit_code, struct pt_regs * regs)
diff --git a/include/linux/sched.h b/include/linux/sched.h
index 2e49027..8a0092d 100644
--- a/include/linux/sched.h
+++ b/include/linux/sched.h
@@ -350,15 +350,14 @@ extern int get_dumpable(struct mm_struct *mm);
 
 /* mm flags */
 /* dumpable bits */
-#define MMF_DUMPABLE      0  /* core dump is permitted */
-#define MMF_DUMP_SECURELY 1  /* core file is readable only by root */
-#define MMF_DUMPABLE_BITS 2
+#define MMF_DUMPABLE		0  /* core dump is permitted */
+#define MMF_DUMPABLE_BITS	1
 
 /* coredump filter bits */
-#define MMF_DUMP_ANON_PRIVATE	2
-#define MMF_DUMP_ANON_SHARED	3
-#define MMF_DUMP_MAPPED_PRIVATE	4
-#define MMF_DUMP_MAPPED_SHARED	5
+#define MMF_DUMP_ANON_PRIVATE	1
+#define MMF_DUMP_ANON_SHARED	2
+#define MMF_DUMP_MAPPED_PRIVATE	3
+#define MMF_DUMP_MAPPED_SHARED	4
 #define MMF_DUMP_FILTER_SHIFT	MMF_DUMPABLE_BITS
 #define MMF_DUMP_FILTER_BITS	4
 #define MMF_DUMP_FILTER_MASK \

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/