Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1753252AbcKIAkI (ORCPT <rfc822;w@1wt.eu>);
        Tue, 8 Nov 2016 19:40:08 -0500
Received: from mail-wm0-f53.google.com ([74.125.82.53]:37507 "EHLO
        mail-wm0-f53.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1751605AbcKIAkF (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 8 Nov 2016 19:40:05 -0500
MIME-Version: 1.0
In-Reply-To: <b5c45594261252a486b891090eba8f10aa7ed329.1478650356.git-series.josh@joshtriplett.org>
References: <cover.c693f10dfc19e12c214758e4b13ca9b4e4cf9668.1478650356.git-series.josh@joshtriplett.org>
 <b5c45594261252a486b891090eba8f10aa7ed329.1478650356.git-series.josh@joshtriplett.org>
From: Kees Cook <keescook@chromium.org>
Date: Tue, 8 Nov 2016 16:40:02 -0800
X-Google-Sender-Auth: V4cLtB0K5SIVRVNbQSmDE0Cmzcs
Message-ID: <CAGXu5j+V11oF0gcqBQTsBMgetsSdRqLQffobhyEbze82gbW2vA@mail.gmail.com>
Subject: Re: [PATCH 2/2] kernel: Support compiling out the prctl syscall
To: Josh Triplett <josh@joshtriplett.org>
Cc: Andrew Morton <akpm@linux-foundation.org>,
        Johannes Weiner <hannes@cmpxchg.org>, Arnd Bergmann <arnd@arndb.de>,
        Ingo Molnar <mingo@kernel.org>, Andy Lutomirski <luto@kernel.org>,
        Petr Mladek <pmladek@suse.com>, Thomas Garnier <thgarnie@google.com>,
        Ard Biesheuvel <ard.biesheuvel@linaro.org>,
        Nicolas Pitre <nicolas.pitre@linaro.org>,
        Zefan Li <lizefan@huawei.com>, Li Bin <huawei.libin@huawei.com>,
        "Eric W. Biederman" <ebiederm@xmission.com>,
        Dmitry Vyukov <dvyukov@google.com>, Ralf Baechle <ralf@linux-mips.org>,
        Alex Thorlton <athorlton@sgi.com>, Michal Hocko <mhocko@suse.com>,
        Mateusz Guzik <mguzik@redhat.com>,
        Cyrill Gorcunov <gorcunov@openvz.org>,
        John Stultz <john.stultz@linaro.org>,
        Al Viro <viro@zeniv.linux.org.uk>, Zach Brown <zab@redhat.com>,
        Anna Schumaker <Anna.Schumaker@netapp.com>,
        Dave Hansen <dave.hansen@intel.com>,
        LKML <linux-kernel@vger.kernel.org>,
        Linux API <linux-api@vger.kernel.org>
Content-Type: text/plain; charset=UTF-8
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 3081
Lines: 92

On Tue, Nov 8, 2016 at 4:18 PM, Josh Triplett <josh@joshtriplett.org> wrote:
> Some embedded systems can do without the prctl syscall, saving some
> space.
>
> This also avoids regular increases in tinyconfig size as people add more
> non-optional functionality to prctl (observed via the 0-day kernel
> infrastructure).
>
> bloat-o-meter results:
>
> add/remove: 0/3 grow/shrink: 0/1 up/down: 0/-2143 (-2143)
> function                                     old     new   delta
> offsets                                       23      12     -11
> prctl_set_auxv                                97       -     -97
> sys_prctl                                    794       -    -794
> prctl_set_mm                                1241       -   -1241
> Total: Before=1902583, After=1900440, chg -0.11%
>
> Signed-off-by: Josh Triplett <josh@joshtriplett.org>

I'm absolutely a fan of doing this, but I wonder how this interacts
with the LSMs that define prctl hooks, etc. I wouldn't expect a system
that didn't want prctl to want an LSM, but maybe the LSMs all need to
depend on CONFIG_PRCTL now?

-Kees

> ---
>  init/Kconfig    | 12 ++++++++++++
>  kernel/Makefile |  3 ++-
>  kernel/sys_ni.c |  1 +
>  3 files changed, 15 insertions(+), 1 deletion(-)
>
> diff --git a/init/Kconfig b/init/Kconfig
> index 34407f1..1dd671c 100644
> --- a/init/Kconfig
> +++ b/init/Kconfig
> @@ -1408,6 +1408,18 @@ config MULTIUSER
>
>           If unsure, say Y here.
>
> +config PRCTL
> +       bool "prctl syscall" if EXPERT
> +       default y
> +       help
> +         This option enables the prctl syscall, used for a variety of
> +         operations on the current process.
> +
> +         If building an embedded system where no applications or libraries use
> +         prctl, you can disable this option to save space.
> +
> +         If unsure, say Y here.
> +
>  config SGETMASK_SYSCALL
>         bool "sgetmask/ssetmask syscalls support" if EXPERT
>         def_bool PARISC || MN10300 || BLACKFIN || M68K || PPC || MIPS || X86 || SPARC || CRIS || MICROBLAZE || SUPERH
> diff --git a/kernel/Makefile b/kernel/Makefile
> index 37c6d4c..43fb4ca 100644
> --- a/kernel/Makefile
> +++ b/kernel/Makefile
> @@ -9,9 +9,10 @@ obj-y     = fork.o exec_domain.o panic.o \
>             extable.o params.o \
>             kthread.o sys_ni.o nsproxy.o \
>             notifier.o ksysfs.o cred.o reboot.o \
> -           async.o range.o smpboot.o ucount.o prctl.o
> +           async.o range.o smpboot.o ucount.o
>
>  obj-$(CONFIG_MULTIUSER) += groups.o
> +obj-$(CONFIG_PRCTL) += prctl.o
>
>  ifdef CONFIG_FUNCTION_TRACER
>  # Do not trace internal ftrace files
> diff --git a/kernel/sys_ni.c b/kernel/sys_ni.c
> index 635482e..84fd646 100644
> --- a/kernel/sys_ni.c
> +++ b/kernel/sys_ni.c
> @@ -175,6 +175,7 @@ cond_syscall(sys_setfsgid);
>  cond_syscall(sys_capget);
>  cond_syscall(sys_capset);
>  cond_syscall(sys_copy_file_range);
> +cond_syscall(sys_prctl);
>
>  /* arch-specific weak syscall entries */
>  cond_syscall(sys_pciconfig_read);
> --
> git-series 0.8.11



-- 
Kees Cook
Nexus Security