Received: by 2002:a05:6358:489b:b0:bb:da1:e618 with SMTP id x27csp401342rwn; Thu, 8 Sep 2022 03:29:30 -0700 (PDT) X-Google-Smtp-Source: AA6agR5kU2dksQEZ7Mj8ve1hzVDw1VjUWgcOmQG8+VPgg/jce+towxuDLBdEa9/WgtSMzrvcFm0S X-Received: by 2002:a17:906:cc12:b0:741:64ed:125a with SMTP id ml18-20020a170906cc1200b0074164ed125amr5510086ejb.713.1662632970411; Thu, 08 Sep 2022 03:29:30 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1662632970; cv=none; d=google.com; s=arc-20160816; b=N7FZeiMZKPNoeudNfhaHb+X+xB9p+U5PKszUV5FbYx36z+KOcdQHNG7MOqNLZZpc+Q WLlcueSWBoFCmtAhAIY2AFl1jzXrSH/7WoAeHiLKdJgE1/8/MKb6cmpcEdG3LWRXOqfG xbwtzBAJd44fnTm4fxT16wwQnbylwGoAGuWudup3WVRD07oz9WGzrIEa7o+PkW9ZxRZC 7ZHGylCx6d9+WIV4M8cKJyNSj8oEW/Rktk0L2q3EEQN9X0Dmel7DXp/W3X5qbXmNim8a ThM5PeWGqvYXftZrHBLUco1kv7++8DKR05yElnVzUxlcBUHFmYAxxTz9qMR5CC4be8LK /0Tg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=RsTH7ifEluKq6XX/DunK8Ba8dE7uhbH5m6Q9/jEy/qU=; b=u4IlIVrtSkZLwvsq5q3x0KbQWjz0d1p0vzRrjN/N7BQZ+DVSFrPdsy32kEtkZL4X4Q UbCf3lZZ/1zjDK58I7Ua3mqGhaCGOPr2mFHcsJk0+JREJQ4WuwKe0JZSv3c1axLyvKsq p3Xt3ELUrqUYmtkW58Z+eczwqPmOlqp0FPwkYrko3tUHEiqA6IaqHSFCLJnCs1oI5361 G0X6/p5+jwO6m09aJ6xpsN9Kk2l53L7FXZ2Kx75AwY/TZTZQibVAPfbTefGYhtp7nvbA giPzZxu5bKVM5viyXvgiG//0idJDY3v0gGTEsit1+JVFVSPcsX4dD01iZqhJcMTuYTDY MytA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass (test mode) header.i=@axis.com header.s=axis-central1 header.b=FMOJr7Db; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=axis.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id er24-20020a056402449800b0044eddb3932dsi4819457edb.569.2022.09.08.03.29.05; Thu, 08 Sep 2022 03:29:30 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass (test mode) header.i=@axis.com header.s=axis-central1 header.b=FMOJr7Db; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=axis.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230511AbiIHJmY (ORCPT + 99 others); Thu, 8 Sep 2022 05:42:24 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57546 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230448AbiIHJmW (ORCPT ); Thu, 8 Sep 2022 05:42:22 -0400 Received: from smtp1.axis.com (smtp1.axis.com [195.60.68.17]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 07CBE1197B8; Thu, 8 Sep 2022 02:42:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=axis.com; q=dns/txt; s=axis-central1; t=1662630141; x=1694166141; h=date:from:to:cc:subject:message-id:references: mime-version:in-reply-to; bh=RsTH7ifEluKq6XX/DunK8Ba8dE7uhbH5m6Q9/jEy/qU=; b=FMOJr7Db/2yT5w0nf2NHFa77MHrr+1/oI86jgPpjZOwSxtU6Xxm1N6fN NOZU2Y/kL0cP1tKayC2IpOJ/NuITBUO2BgFdfRAQ0ceSjSaqsIR17cWfh 58+KmL2LZRRF4ByGC5ONQTlJg4xI1L/jQ1yjc0ijPOuOhoKgfIGftfGKd +bIikI94VZ+u00yAjaC1UsJMIRm3samHlf3x8/ndZYSwfGnQ4vS9ildHd HHSgh7U/Nr20tCjz08kLRBxhqKYqEbgu3P7xIbiDiBnPFvemBbpgy+vTu 389Mn1yTVtct6lUcFC+0PsY07v+LDNSIEP13XzcPfVWpTuSaXTaQrAIbH A==; Date: Thu, 8 Sep 2022 11:42:18 +0200 From: Vincent Whitchurch To: Sergey Senozhatsky CC: Alexey Dobriyan , Andrew Morton , Vlastimil Babka , Kees Cook , Matthew Wilcox , , Subject: Re: [RFC] process /proc/PID/smaps vs /proc/PID/smaps_rollup Message-ID: References: <20200929020520.GC871730@jagdpanzerIV.localdomain> <20200929024018.GA529@jagdpanzerIV.localdomain> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Disposition: inline In-Reply-To: <20200929024018.GA529@jagdpanzerIV.localdomain> X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_PASS, SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Sep 29, 2020 at 11:40:18AM +0900, Sergey Senozhatsky wrote: > On (20/09/29 11:05), Sergey Senozhatsky wrote: > > One of our unprivileged daemon process needs process PSS info. That > > info is usually available in /proc/PID/smaps on per-vma basis, on > > in /proc/PID/smaps_rollup as a bunch of accumulated per-vma values. > > The latter one is much faster and simpler to get, but, unlike smaps, > > smaps_rollup requires PTRACE_MODE_READ, which we don't want to > > grant to our unprivileged daemon. > > > > So the question is - can we get, somehow, accumulated PSS info from > > a non-privileged process? (Iterating through all process' smaps > > vma-s consumes quite a bit of CPU time). This is related to another > > question - why do smaps and smaps_rollup have different permission > > requirements? > > Hold on, seems that I misread something, /proc/PID/smaps is also > unavailable. So the question is, then, how do we get PSS info of > a random user-space process from an unprivileged daemon? smaps contains a lot of sensitive information, but perhaps smaps_rollup could be allowed without ptrace rights if the range information is masked. I've posted a patch here: https://lore.kernel.org/linux-mm/20220908093919.843346-1-vincent.whitchurch@axis.com/