Date: Wed, 16 Jan 2019 04:36:07 -0800
From: Matthew Wilcox
To: Linus Torvalds
Cc: Josh Snyder, Dominique Martinet, Dave Chinner, Jiri Kosina, Jann Horn, Andrew Morton, Greg KH, Peter Zijlstra, Michal Hocko, Linux-MM, kernel list, Linux API
Subject: Re: [PATCH] mm/mincore: allow for making sys_mincore() privileged
Message-ID: <20190116123607.GG6310@bombadil.infradead.org>

On Wed, Jan 16, 2019 at 05:00:25PM +1200, Linus Torvalds wrote:
> And if you're not the owner of the file, do you have another
> suggestion for that "Yes, I have the right to see what's in-core for
> this file". Because the problem is literally that if it's some random
> read-only system file, the kernel shouldn't leak access patterns to
> it..

This probably isn't a good heuristic, but thought I'd mention it anyway
... if the file is executable and you're not the owner, mincore
always/never says its pages are resident. That'd fix all library leaks,
but then there's probably a smart way of figuring out something from
access patterns to a data file of some kind (/etc/passwd?)
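
The heuristic floated in this reply, modelled in userspace C as an added example; it is not code from the mail or from the kernel. The names `residency_is_masked`, `filter_residency` and `sample_stat` are hypothetical, the stat records and residency vector are constructed, and the "always"/"never" choice is a parameter because the mail leaves it open.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>

/* Constant answer reported when real residency is withheld. */
enum masked_answer { ANSWER_NEVER = 0, ANSWER_ALWAYS = 1 };

/* Heuristic from the mail: file is executable and caller is not its owner. */
static int residency_is_masked(const struct stat *st, uid_t caller)
{
    int executable = (st->st_mode & (S_IXUSR | S_IXGRP | S_IXOTH)) != 0;
    return executable && st->st_uid != caller;
}

/*
 * vec holds one byte per page, bit 0 set when the page is resident
 * (the layout mincore(2) returns). Returns 1 if the vector was replaced
 * by the constant answer, 0 if the real residency is left in place.
 */
static int filter_residency(const struct stat *st, uid_t caller,
                            unsigned char *vec, size_t npages,
                            enum masked_answer fill)
{
    if (!residency_is_masked(st, caller))
        return 0;
    memset(vec, fill, npages);
    return 1;
}

/* Constructed sample: a stat record built without touching the filesystem. */
static struct stat sample_stat(mode_t mode, uid_t owner)
{
    struct stat st;
    memset(&st, 0, sizeof st);
    st.st_mode = mode;
    st.st_uid = owner;
    return st;
}

int main(void)
{
    unsigned char lib_vec[4] = {1, 0, 1, 0}, data_vec[4] = {1, 0, 1, 0};
    struct stat lib = sample_stat(0755, 0);   /* root-owned shared library */
    struct stat data = sample_stat(0644, 0);  /* root-owned data file */
    printf("library masked: %d\n", filter_residency(&lib, 1000, lib_vec, 4, ANSWER_NEVER));
    printf("data file masked: %d\n", filter_residency(&data, 1000, data_vec, 4, ANSWER_NEVER));
    return 0;
}
```

The data-file case returns 0, which is the gap the mail itself points out: a non-executable file still reports its real residency to a non-owner.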