Bug 623519 - ENOPERM when reading /proc/sys/vm/mmap_min_addr
Summary: ENOPERM when reading /proc/sys/vm/mmap_min_addr
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: kernel (Show other bugs)
(Show other bugs)
Version: 5.5
Hardware: i386 Linux
Target Milestone: rc
: ---
Assignee: Eric Paris
QA Contact: Eryu Guan
Depends On:
TreeView+ depends on / blocked
Reported: 2010-08-12 02:43 UTC by Hiroto Shibuya
Modified: 2011-01-24 02:39 UTC (History)
11 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 583292
Last Closed: 2011-01-13 21:09:35 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2011:0017 normal SHIPPED_LIVE Important: Red Hat Enterprise Linux 5.6 kernel security and bug fix update 2011-01-13 10:37:42 UTC

Description Hiroto Shibuya 2010-08-12 02:43:32 UTC
+++ This bug was initially created as a clone of Bug #583292 +++

Description of problem:
Despite the permissions showing global read access, /proc/sys/vm/mmap_min_addr can not be read by normal users.

Version-Release number of selected component (if applicable): is where I see the issue works fine.

How reproducible:

Steps to Reproduce:
1. Boot using kernel
2. cat /proc/sys/vm/mmap_min_addr
Actual results:
ERROR permission denied

Expected results:
"0" or "4096" or whatever your configuration has.

Additional info:

--- Additional comment from cebbert@redhat.com on 2010-04-21 12:52:51 EDT ---

*** Bug 582810 has been marked as a duplicate of this bug. ***

--- Additional comment from eparis@redhat.com on 2010-05-14 16:00:30 EDT ---

fixed upstream in 2.6.34.  If you need this in an older kernel please reopen this bug and I can backport.

Comment 1 Hiroto Shibuya 2010-08-12 02:47:24 UTC
This appeared in RHEL 5 updates as regression. 

This was not an issue in 2.6.18-164.15, but all kernels after 2.6.18-194.3 exhibit this problem.

Comment 2 Eric Paris 2010-09-27 15:32:23 UTC
Posted to internal list for review.

Backport of upstream patch 4ae69e6b718589abe97c9625ccbb1e0bc95a8c0e

Comment 3 RHEL Product and Program Management 2010-11-08 22:19:30 UTC
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update

Comment 5 Jarod Wilson 2010-11-09 17:12:33 UTC
in kernel-2.6.18-231.el5
You can download this test kernel (or newer) from http://people.redhat.com/jwilson/el5

Detailed testing feedback is always welcomed.

Comment 7 Hiroto Shibuya 2010-11-09 17:39:52 UTC

$ uname -r
$ cat /proc/sys/vm/mmap_min_addr


Comment 8 Eryu Guan 2010-12-02 06:06:24 UTC
Reproduced on -194 kernel
[test@nec-em9 ~]$ uname -a
Linux nec-em9.rhts.eng.bos.redhat.com 2.6.18-194.el5 #1 SMP Tue Mar 16 21:52:39 EDT 2010 x86_64 x86_64 x86_64 GNU/Linux
[test@nec-em9 ~]$ id
uid=500(test) gid=500(test) groups=500(test) context=root:system_r:unconfined_t:SystemLow-SystemHigh
[test@nec-em9 ~]$ cat /proc/sys/vm/mmap_min_addr
cat: /proc/sys/vm/mmap_min_addr: Operation not permitted
[test@nec-em9 ~]$

Verified on -233 kernel
[test@nec-em9 ~]$ uname -a
Linux nec-em9.rhts.eng.bos.redhat.com 2.6.18-233.el5 #1 SMP Mon Nov 22 17:45:30 EST 2010 x86_64 x86_64 x86_64 GNU/Linux
[test@nec-em9 ~]$ id
uid=500(test) gid=500(test) groups=500(test) context=root:system_r:unconfined_t:SystemLow-SystemHigh
[test@nec-em9 ~]$ cat /proc/sys/vm/mmap_min_addr
[test@nec-em9 ~]$

Comment 10 errata-xmlrpc 2011-01-13 21:09:35 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.


Note You need to log in before you can comment on or make changes to this bug.