>>> Most /proc code that generates more than a page of data uses seq_file.
>>> That implementation saves a position index which is passed to the
>>> seq_operations->start() routine on the next read. Every such routine
>>> in 2.4.19 uses the index as a counter into a list, i.e. all the
>>> seq_file code is vulnerable to this race.
>>
>> It would be dumb for /proc/*/maps to do this. Each line has
>> an address that may be used to find back the position.
...
> You are concentrating on just the files used by procps, but PCP has to
> worry about other /proc files. Small files whose data fits in a single
> page are not a problem, larger /proc files have races.
It was /proc/*/maps that was originally mentioned.
|