
Re: Re: Re: Somethings about libraries..

On Fri, Nov 24, 2000 at 11:28:56AM -0800, Arun Sharma wrote:
> Whether an executable's map in memory refers to the old contents or
> the new depends on whether the page fault happened before or after the
> file was modified.

I thought a little bit after I hit the send button. It doesn't make
sense for an executable to have some old contents and some new. This
could have all kinds of security implications.

The code tells me that when you exec(2) an a.out, it is mapped with
MAP_DENYWRITE. Subsequently, if someone tries to write(2) or mmap
it with MAP_WRITE, they'll get ETXTBSY.

On the question of what would happen if, hypothetically, such modification
were allowed - Linux does some things differently.

Traditionally, UNIX has a namei cache which maps a path -> inode. In
Linux, Thomas Schoebel-Theuer and Linus introduced a "dcache", which
Linus believes is a big win. Now Linux does path -> inode translation
in two steps:

1. namei maps path -> dentry
2. dcache lookup maps dentry -> inode

Also note that 'struct file', which is the kernel's idea of a file,
has a pointer to a d_entry and not an inode. Which means the inode
can change for an open file.

So if you delete a file via unlink(2) while it is being mmap'ed, the
dcache gets updated and the next time someone tries to do something
with the file, they get the new updated inode.

I'm writing all this by reading code and interpreting it. I might be
completely wrong.
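
The unlink(2)-while-mapped case from the message, as an added example that is not part of the original post: it replaces a file that is still open and mapped and reports what the old descriptor, the old mapping and a fresh path lookup each see. The scratch path, the OLD-CODE/NEW-CODE markers and the function names are constructed for illustration.

```c
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/stat.h>
#include <unistd.h>

/* What was observed after replacing a file that is still open and mapped. */
struct result { int inode_differs, map_still_old, path_shows_new; };

/* Create path with O_EXCL and write an 8-byte constructed marker to it. */
static int write_file(const char *path, const char *data) {
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0) return -1;
    ssize_t n = write(fd, data, 8);
    close(fd);
    return n == 8 ? 0 : -1;
}

/* Returns 0 and fills *r on success, -1 if any step fails. */
int replace_while_mapped(struct result *r) {
    char path[64], buf[8];
    struct stat old_st, new_st;
    /* Constructed scratch path standing in for a shared library. */
    snprintf(path, sizeof path, "/tmp/replace-demo-%ld.so", (long)getpid());
    if (write_file(path, "OLD-CODE") < 0) return -1;
    int fd = open(path, O_RDONLY);            /* the long-running user */
    if (fd < 0) return -1;
    char *map = mmap(NULL, 8, PROT_READ, MAP_PRIVATE, fd, 0);
    if (map == MAP_FAILED) return -1;
    /* Replace the file: unlink the name, then create it again. */
    if (unlink(path) < 0 || write_file(path, "NEW-CODE") < 0) return -1;
    int nfd = open(path, O_RDONLY);           /* a fresh path lookup */
    if (nfd < 0 || read(nfd, buf, 8) != 8) return -1;
    if (fstat(fd, &old_st) < 0 || fstat(nfd, &new_st) < 0) return -1;
    r->inode_differs = old_st.st_ino != new_st.st_ino;
    r->map_still_old = memcmp(map, "OLD-CODE", 8) == 0;
    r->path_shows_new = memcmp(buf, "NEW-CODE", 8) == 0;
    munmap(map, 8); close(fd); close(nfd); unlink(path);
    return 0;
}

int main(void) {
    struct result r;
    if (replace_while_mapped(&r) < 0) { perror("replace_while_mapped"); return 1; }
    printf("inode differs: %d, mapping still old: %d, path shows new: %d\n",
           r.inode_differs, r.map_still_old, r.path_shows_new);
    return 0;
}
```

On Linux all three fields come back as 1: the existing descriptor and mapping stay on the old inode, and only a new lookup of the path reaches the replacement.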