On Sun, Oct 10, 2010 at 16:49, Al Viro <viro@xxxxxxxxxxxxxxxxxx> wrote:
On Sun, Oct 10, 2010 at 11:47:20AM +0200, Geert Uytterhoeven wrote:
The cheapest way to reproduce is to boot with init=/bin/sh, then
mount /proc and have stat("/proc/2/exe", &st) called; if stat()
returns 0, we are fscked. ??The critical part is between return
from proc_exe_link() (we'll leave it via if (!mm) return -ENOENT;)
to return from __do_follow_link() -> do_follow_link() -> link_path_walk().
I booted 2.6.36-rc7-atari-00360-g0dd2e6a (my current private test kernel) with
init=/bin/sh, mounted /proc, and tried
  for i in $(seq 1000); do stat /proc/2/exe; done
a few times, but I didn't see any ida_remove messages.
It cannot read the /proc/2/exe symlink, though.
This is on aranym-0.9.9-1 from Ubuntu/amd64.
stat -L /proc/2/exec, otherwise you'll hit lstat() instead of stat().
And FWIW 0.9.10-1 squeeze/amd64 also triggers here...
Still, just "stat: cannot stat `proc/2/exe': No such file or directory" here...
Gr{oetje,eeting}s,
            Geert
--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@xxxxxxxxxxxxxx
In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
             Â Â -- Linus Torvalds
--
To unsubscribe from this list: send the line "unsubscribe linux-m68k" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
