Doug / smarc-fsl-linux-kernel | Embedian Git Server

12 Sep, 2013

1 commit

96d0df79f proc: make proc_fd_permission() thread-friendly ... Browse Code »

proc_fd_permission() says "process can still access /proc/self/fd after it
has executed a setuid()", but the "task_pid() = proc_pid() check only
helps if the task is group leader, /proc/self points to
/proc/.

Change this check to use task_tgid() so that the whole thread group can
access its /proc/self/fd or /proc//fd.

Notes:
- CLONE_THREAD does not require CLONE_FILES so task->files
can differ, but I don't think this can lead to any security
problem. And this matches same_thread_group() in
__ptrace_may_access().

- /proc/self should probably point to /proc/, but
it is too late to change the rules. Perhaps it makes sense
to add /proc/thread though.

Test-case:

void *tfunc(void *arg)
{
assert(opendir("/proc/self/fd"));
return NULL;
}

int main(void)
{
pthread_t t;
pthread_create(&t, NULL, tfunc, NULL);
pthread_join(t, NULL);
return 0;
}

fails if, say, this executable is not readable and suid_dumpable = 0.

Signed-off-by: Oleg Nesterov
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds

Oleg Nesterov
2013-09-12 06:59:03 +0800

25 Aug, 2013

1 commit

a5a1955e0 proc: kill the extra proc_readfd_common()->dir_emit_dots() ... Browse Code »

proc_readfd_common() does dir_emit_dots() twice in a row,
we need to do this only once.

Signed-off-by: Oleg Nesterov
Signed-off-by: Al Viro

Oleg Nesterov
2013-08-25 00:10:22 +0800

29 Jun, 2013

2 commits

c52a47ace proc_fill_cache(): just make instantiate_t return int ... Browse Code »

all instances always return ERR_PTR(-E...) or NULL, anyway

Signed-off-by: Al Viro

Al Viro
2013-06-29 16:57:18 +0800
f0c3b5093 [readdir] convert procfs ... Browse Code »

Signed-off-by: Al Viro

Al Viro
2013-06-29 16:56:32 +0800

18 Dec, 2012

1 commit

55985dd72 procfs: add ability to plug in auxiliary fdinfo providers ... Browse Code »

This patch brings ability to print out auxiliary data associated with
file in procfs interface /proc/pid/fdinfo/fd.

In particular further patches make eventfd, evenpoll, signalfd and
fsnotify to print additional information complete enough to restore
these objects after checkpoint.

To simplify the code we add show_fdinfo callback inside struct
file_operations (as Al and Pavel are proposing).

Signed-off-by: Cyrill Gorcunov
Acked-by: Pavel Emelyanov
Cc: Oleg Nesterov
Cc: Andrey Vagin
Cc: Al Viro
Cc: Alexey Dobriyan
Cc: James Bottomley
Cc: "Aneesh Kumar K.V"
Cc: Alexey Dobriyan
Cc: Matthew Helsley
Cc: "J. Bruce Fields"
Cc: "Aneesh Kumar K.V"
Cc: Tvrtko Ursulin
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds

Cyrill Gorcunov
2012-12-18 09:15:27 +0800

27 Sep, 2012

3 commits

c6f3d8111 don't leak O_CLOEXEC into ->f_flags ... Browse Code »

Signed-off-by: Al Viro

Al Viro
2012-09-27 09:10:01 +0800
ddd3e0771 procfs: Convert /proc/pid/fdinfo/ handling routines to seq-file v2 ... Browse Code »

This patch converts /proc/pid/fdinfo/ handling routines to seq-file which
is needed to extend seq operations and plug in auxiliary fdinfo provides
from subsystems like eventfd/eventpoll/fsnotify.

Note the proc_fd_link no longer call for proc_fd_info, simply because
the guts of proc_fd_info() got merged into ->show() of that seq_file

Signed-off-by: Al Viro

Cyrill Gorcunov
2012-09-27 09:10:01 +0800
faf60af17 procfs: Move /proc/pid/fd[info] handling code to fd.[ch] ... Browse Code »

This patch prepares the ground for further extension of
/proc/pid/fd[info] handling code by moving fdinfo handling
code into fs/proc/fd.c.

I think such move makes both fs/proc/base.c and fs/proc/fd.c
easier to read.

Signed-off-by: Cyrill Gorcunov
Acked-by: Pavel Emelyanov
CC: Al Viro
CC: Alexey Dobriyan
CC: Andrew Morton
CC: James Bottomley
CC: "Aneesh Kumar K.V"
CC: Alexey Dobriyan
CC: Matthew Helsley
CC: "J. Bruce Fields"
CC: "Aneesh Kumar K.V"
Signed-off-by: Al Viro

Cyrill Gorcunov
2012-09-27 09:10:01 +0800