From 1881c3dbd810ace56f52a9ab826f7f133c2b729b Mon Sep 17 00:00:00 2001 From: c30043414 Date: Wed, 23 Aug 2023 14:40:55 +0800 Subject: [PATCH 1/2] fix_maps Signed-off-by: c30043414 Change-Id: I0f760a1248a2222d0a10ce3dfa5ca412bd41dc61 --- fs/proc/Kconfig | 7 +++++++ fs/proc/Makefile | 1 + fs/proc/task_mmu.c | 44 ++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 52 insertions(+) diff --git a/fs/proc/Kconfig b/fs/proc/Kconfig index c930001056f9..3942b372e0ec 100644 --- a/fs/proc/Kconfig +++ b/fs/proc/Kconfig @@ -107,3 +107,10 @@ config PROC_PID_ARCH_STATUS config PROC_CPU_RESCTRL def_bool n depends on PROC_FS + +config PROC_MAPS_DEBUG + default n + bool "Enable proc/pid/maps debug" + help + Select show address about anonymous area of the render process with + -rx- permissions or not. diff --git a/fs/proc/Makefile b/fs/proc/Makefile index bcbca3ed17c9..02dfff8545c8 100644 --- a/fs/proc/Makefile +++ b/fs/proc/Makefile @@ -6,6 +6,7 @@ obj-y += proc.o CFLAGS_task_mmu.o += $(call cc-option,-Wno-override-init,) +CFLAGS_task_mmu.o += -DPROC_MAPS_DEBUG proc-y := nommu.o task_nommu.o proc-$(CONFIG_MMU) := task_mmu.o diff --git a/fs/proc/task_mmu.c b/fs/proc/task_mmu.c index 5b486198a968..a9b11f79e3fc 100644 --- a/fs/proc/task_mmu.c +++ b/fs/proc/task_mmu.c @@ -301,7 +301,51 @@ show_map_vma(struct seq_file *m, struct vm_area_struct *vma) start = vma->vm_start; end = vma->vm_end; + +#ifdef PROC_MAPS_DEBUG show_vma_header_prefix(m, start, end, flags, pgoff, dev, ino); +#else + struct inode *inode_task = file_inode(m->file); + char *selinux_label = NULL; + int rc; + u32 secid; + u32 secctx_sz = 0; + bool result = false; + bool ret_read = false; + bool ret_exec = false; + bool ret_name = false; + struct task_struct *task = get_proc_task(inode_task); + + security_cred_getsecid(task->cred, &secid); + rc = security_secid_to_secctx(secid, &selinux_label, &secctx_sz); + if (!rc) { + if (strcmp(selinux_label, "u:r:isolated_render:s0") == 0) { + result = true; + } + } + if (flags & VM_READ) { + ret_read = true; + } + + if (flags & VM_EXEC) { + ret_exec = true; + } + + name = arch_vma_name(vma); + if (!name) { + struct anon_vma_name *anon_name; + anon_name = anon_vma_name(vma); + if (anon_name) { + ret_name = true; + } + } + + if (ret_read && ret_exec && result && ret_name) { + return; + }else{ + show_vma_header_prefix(m, start, end, flags, pgoff, dev, ino); + } +#endif /* * Print the dentry name for named mappings, and a -- Gitee From cc9d0198b89232ecef058c6fe63d0bc1f679f0f6 Mon Sep 17 00:00:00 2001 From: c30043414 Date: Mon, 28 Aug 2023 10:41:03 +0800 Subject: [PATCH 2/2] Signed-off-by: c30043414 Change-Id: I9411175746db8c266974391b6b06cc845e281786 Change-Id: I6e0d5738684d4a99a59b6307b2c65a6d31534f95 --- fs/Kconfig | 1 + fs/proc/Kconfig | 7 ------- fs/proc/Makefile | 2 +- fs/proc/task_mmu.c | 49 ++++++---------------------------------------- 4 files changed, 8 insertions(+), 51 deletions(-) diff --git a/fs/Kconfig b/fs/Kconfig index efc725d7c628..e6562afc66e6 100644 --- a/fs/Kconfig +++ b/fs/Kconfig @@ -43,6 +43,7 @@ source "fs/btrfs/Kconfig" source "fs/nilfs2/Kconfig" source "fs/f2fs/Kconfig" source "fs/zonefs/Kconfig" +source "fs/proc/vma/Kconfig" config FS_DAX bool "Direct Access (DAX) support" diff --git a/fs/proc/Kconfig b/fs/proc/Kconfig index 3942b372e0ec..c930001056f9 100644 --- a/fs/proc/Kconfig +++ b/fs/proc/Kconfig @@ -107,10 +107,3 @@ config PROC_PID_ARCH_STATUS config PROC_CPU_RESCTRL def_bool n depends on PROC_FS - -config PROC_MAPS_DEBUG - default n - bool "Enable proc/pid/maps debug" - help - Select show address about anonymous area of the render process with - -rx- permissions or not. diff --git a/fs/proc/Makefile b/fs/proc/Makefile index 02dfff8545c8..d4903f6662aa 100644 --- a/fs/proc/Makefile +++ b/fs/proc/Makefile @@ -6,7 +6,6 @@ obj-y += proc.o CFLAGS_task_mmu.o += $(call cc-option,-Wno-override-init,) -CFLAGS_task_mmu.o += -DPROC_MAPS_DEBUG proc-y := nommu.o task_nommu.o proc-$(CONFIG_MMU) := task_mmu.o @@ -36,3 +35,4 @@ proc-$(CONFIG_PRINTK) += kmsg.o proc-$(CONFIG_PROC_PAGE_MONITOR) += page.o proc-$(CONFIG_BOOT_CONFIG) += bootconfig.o proc-$(CONFIG_SECURITY_XPM) += xpm_region.o +proc-$(CONFIG_HIDE_RENDER_ADDRESS) += vma/vma_render.o diff --git a/fs/proc/task_mmu.c b/fs/proc/task_mmu.c index a9b11f79e3fc..5f28bccc2ccc 100644 --- a/fs/proc/task_mmu.c +++ b/fs/proc/task_mmu.c @@ -28,6 +28,9 @@ #include #include #include "internal.h" +#ifdef CONFIG_HIDE_RENDER_ADDRESS +#include +#endif #define SEQ_PUT_DEC(str, val) \ seq_put_decimal_ull_width(m, str, (val) << (PAGE_SHIFT-10), 8) @@ -301,51 +304,11 @@ show_map_vma(struct seq_file *m, struct vm_area_struct *vma) start = vma->vm_start; end = vma->vm_end; +#ifdef CONFIG_HIDE_RENDER_ADDRESS + hck_show_map_vma(&start, &end, &flags, m, vma); +#endif -#ifdef PROC_MAPS_DEBUG show_vma_header_prefix(m, start, end, flags, pgoff, dev, ino); -#else - struct inode *inode_task = file_inode(m->file); - char *selinux_label = NULL; - int rc; - u32 secid; - u32 secctx_sz = 0; - bool result = false; - bool ret_read = false; - bool ret_exec = false; - bool ret_name = false; - struct task_struct *task = get_proc_task(inode_task); - - security_cred_getsecid(task->cred, &secid); - rc = security_secid_to_secctx(secid, &selinux_label, &secctx_sz); - if (!rc) { - if (strcmp(selinux_label, "u:r:isolated_render:s0") == 0) { - result = true; - } - } - if (flags & VM_READ) { - ret_read = true; - } - - if (flags & VM_EXEC) { - ret_exec = true; - } - - name = arch_vma_name(vma); - if (!name) { - struct anon_vma_name *anon_name; - anon_name = anon_vma_name(vma); - if (anon_name) { - ret_name = true; - } - } - - if (ret_read && ret_exec && result && ret_name) { - return; - }else{ - show_vma_header_prefix(m, start, end, flags, pgoff, dev, ino); - } -#endif /* * Print the dentry name for named mappings, and a -- Gitee