Date: Thu, 25 Apr 2024 16:45:51 -0400
From: Kent Overstreet
To: Kees Cook
Cc: Suren Baghdasaryan, Andrew Morton, linux-mm@kvack.org, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org
Subject: Re: [PATCH] alloc_tag: Tighten file permissions on /proc/allocinfo
In-Reply-To: <20240425200844.work.184-kees@kernel.org>

On Thu, Apr 25, 2024 at 01:08:50PM -0700, Kees Cook wrote:
> The /proc/allocinfo file exposes a tremendous amount of information about
> kernel build details, memory allocations (obviously), and potentially
> even image layout (due to ordering). As this is intended to be consumed
> by system owners (like /proc/slabinfo), use the same file permissions as
> there: 0400.

Err...

The side effect of locking down more and more reporting interfaces is
that programs that consume those interfaces now have to run as root.

That's not what we want.
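
An added example, not part of this thread or of the patch: a shell check that compares the permission bits of /proc/allocinfo with /proc/slabinfo (the reference the commit message names) and reports whether the current user can read each file. The function names are this example's own, and files that do not exist on the running kernel are reported as missing.

```shell
#!/bin/sh
# Added example: audit the mode bits of /proc reporting interfaces.
# Defaults to the two files named in the thread; other paths may be
# passed as arguments.

# perm_string PATH -> the ten-character type/permission field from ls,
# e.g. "-r--------" for mode 0400 or "-r--r--r--" for mode 0444.
perm_string() {
    ls -ld "$1" | cut -c1-10
}

# exposure PATH -> prints one of:
#   missing     the file does not exist on this system
#   owner-only  no group/other permission bits are set (0400-style)
#   wider       at least one group/other bit is set (0444-style)
exposure() {
    [ -e "$1" ] || { echo missing; return 0; }
    # Characters 5-10 of the ls field are the group and other bits.
    case "$(perm_string "$1" | cut -c5-10)" in
        ------) echo owner-only ;;
        *)      echo wider ;;
    esac
}

# report PATH... -> one line per path: path, permission string, exposure,
# and whether the invoking user can open the file for reading.
report() {
    for p in "$@"; do
        e=$(exposure "$p")
        if [ "$e" = missing ]; then
            printf '%s\t-\tmissing\treadable=no\n' "$p"
            continue
        fi
        if [ -r "$p" ]; then r=yes; else r=no; fi
        printf '%s\t%s\t%s\treadable=%s\n' "$p" "$(perm_string "$p")" "$e" "$r"
    done
    return 0
}

if [ "$#" -gt 0 ]; then
    report "$@"
else
    report /proc/allocinfo /proc/slabinfo
fi
```

Run as the unprivileged account a monitoring tool would use, the `readable=` column shows directly whether that tool would need elevated privileges under the mode in effect.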