This patch adds kernel.core_flags_enable sysctl parameter, which allows
root user to disable the /proc/<pid>/core_flags feature globally.
Signed-off-by: Hidehiro Kawai <[EMAIL PROTECTED]>
---
fs/binfmt_elf.c | 3 ++-
fs/binfmt_elf_fdpic.c | 3 ++-
fs/exec.c | 1 +
include/linux/binfmts.h | 1 +
include/linux/sysctl.h | 1 +
kernel/sysctl.c | 11 +++++++++++
6 files changed, 18 insertions(+), 2 deletions(-)
Index: linux-2.6.20-rc4-mm1/fs/exec.c
===================================================================
--- linux-2.6.20-rc4-mm1.orig/fs/exec.c
+++ linux-2.6.20-rc4-mm1/fs/exec.c
@@ -61,6 +61,7 @@
int core_uses_pid;
char core_pattern[128] = "core";
int suid_dumpable = 0;
+unsigned int sysctl_core_flags_enable = 0x1;
/* Protect dumpable and core_flags in each mm_struct from race condition. */
DEFINE_SPINLOCK(dump_bits_lock);
Index: linux-2.6.20-rc4-mm1/include/linux/sysctl.h
===================================================================
--- linux-2.6.20-rc4-mm1.orig/include/linux/sysctl.h
+++ linux-2.6.20-rc4-mm1/include/linux/sysctl.h
@@ -160,6 +160,7 @@ enum
KERN_MAX_LOCK_DEPTH=74,
KERN_NMI_WATCHDOG=75, /* int: enable/disable nmi watchdog */
KERN_PANIC_ON_NMI=76, /* int: whether we will panic on an unrecovered */
+ KERN_CORE_FLAGS_ENABLE=77, /* int: enabled flags in core_flags */
};
Index: linux-2.6.20-rc4-mm1/kernel/sysctl.c
===================================================================
--- linux-2.6.20-rc4-mm1.orig/kernel/sysctl.c
+++ linux-2.6.20-rc4-mm1/kernel/sysctl.c
@@ -69,6 +69,7 @@ extern int max_threads;
extern int core_uses_pid;
extern int suid_dumpable;
extern char core_pattern[];
+extern unsigned int sysctl_core_flags_enable;
extern int pid_max;
extern int min_free_kbytes;
extern int printk_ratelimit_jiffies;
@@ -354,6 +355,16 @@ static ctl_table kern_table[] = {
.proc_handler = &proc_dostring,
.strategy = &sysctl_string,
},
+#if defined(USE_ELF_CORE_DUMP) && defined(CONFIG_ELF_CORE)
+ {
+ .ctl_name = KERN_CORE_FLAGS_ENABLE,
+ .procname = "core_flags_enable",
+ .data = &sysctl_core_flags_enable,
+ .maxlen = sizeof(unsigned int),
+ .mode = 0644,
+ .proc_handler = &proc_dointvec,
+ },
+#endif
#ifdef CONFIG_PROC_SYSCTL
{
.ctl_name = KERN_TAINTED,
Index: linux-2.6.20-rc4-mm1/include/linux/binfmts.h
===================================================================
--- linux-2.6.20-rc4-mm1.orig/include/linux/binfmts.h
+++ linux-2.6.20-rc4-mm1/include/linux/binfmts.h
@@ -81,6 +81,7 @@ extern int suid_dumpable;
/* Core dump control flags */
#define CORE_OMIT_ANON_SHARED 0x1 /* don't dump anonymous shared memory */
+extern unsigned int sysctl_core_flags_enable;
extern int setup_arg_pages(struct linux_binprm * bprm,
unsigned long stack_top,
Index: linux-2.6.20-rc4-mm1/fs/binfmt_elf.c
===================================================================
--- linux-2.6.20-rc4-mm1.orig/fs/binfmt_elf.c
+++ linux-2.6.20-rc4-mm1/fs/binfmt_elf.c
@@ -1597,7 +1597,8 @@ static int elf_core_dump(long signr, str
}
dataoff = offset = roundup(offset, ELF_EXEC_PAGESIZE);
- __set_dump_bits(core_flags, current->mm->core_flags);
+ __set_dump_bits(core_flags,
+ current->mm->core_flags & sysctl_core_flags_enable);
/* Write program headers for segments dump */
for (vma = current->mm->mmap; vma != NULL; vma = vma->vm_next) {
Index: linux-2.6.20-rc4-mm1/fs/binfmt_elf_fdpic.c
===================================================================
--- linux-2.6.20-rc4-mm1.orig/fs/binfmt_elf_fdpic.c
+++ linux-2.6.20-rc4-mm1/fs/binfmt_elf_fdpic.c
@@ -1703,7 +1703,8 @@ static int elf_fdpic_core_dump(long sign
/* Page-align dumped data */
dataoff = offset = roundup(offset, ELF_EXEC_PAGESIZE);
- __set_dump_bits(core_flags, current->mm->core_flags);
+ __set_dump_bits(core_flags,
+ current->mm->core_flags & sysctl_core_flags_enable;);
/* write program headers for segments dump */
for (
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
