aboutsummaryrefslogtreecommitdiffstats
path: root/fs/proc/base.c
diff options
context:
space:
mode:
Diffstat (limited to 'fs/proc/base.c')
-rw-r--r--fs/proc/base.c63
1 files changed, 19 insertions, 44 deletions
diff --git a/fs/proc/base.c b/fs/proc/base.c
index 520978e49e92..84751f3f52d5 100644
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -119,7 +119,6 @@ enum pid_directory_inos {
119#ifdef CONFIG_AUDITSYSCALL 119#ifdef CONFIG_AUDITSYSCALL
120 PROC_TGID_LOGINUID, 120 PROC_TGID_LOGINUID,
121#endif 121#endif
122 PROC_TGID_FD_DIR,
123 PROC_TGID_OOM_SCORE, 122 PROC_TGID_OOM_SCORE,
124 PROC_TGID_OOM_ADJUST, 123 PROC_TGID_OOM_ADJUST,
125 PROC_TID_INO, 124 PROC_TID_INO,
@@ -158,9 +157,11 @@ enum pid_directory_inos {
158#ifdef CONFIG_AUDITSYSCALL 157#ifdef CONFIG_AUDITSYSCALL
159 PROC_TID_LOGINUID, 158 PROC_TID_LOGINUID,
160#endif 159#endif
161 PROC_TID_FD_DIR = 0x8000, /* 0x8000-0xffff */
162 PROC_TID_OOM_SCORE, 160 PROC_TID_OOM_SCORE,
163 PROC_TID_OOM_ADJUST, 161 PROC_TID_OOM_ADJUST,
162
163 /* Add new entries before this */
164 PROC_TID_FD_DIR = 0x8000, /* 0x8000-0xffff */
164}; 165};
165 166
166struct pid_entry { 167struct pid_entry {
@@ -297,15 +298,21 @@ static int proc_fd_link(struct inode *inode, struct dentry **dentry, struct vfsm
297 return -ENOENT; 298 return -ENOENT;
298} 299}
299 300
300static int proc_cwd_link(struct inode *inode, struct dentry **dentry, struct vfsmount **mnt) 301static struct fs_struct *get_fs_struct(struct task_struct *task)
301{ 302{
302 struct fs_struct *fs; 303 struct fs_struct *fs;
303 int result = -ENOENT; 304 task_lock(task);
304 task_lock(proc_task(inode)); 305 fs = task->fs;
305 fs = proc_task(inode)->fs;
306 if(fs) 306 if(fs)
307 atomic_inc(&fs->count); 307 atomic_inc(&fs->count);
308 task_unlock(proc_task(inode)); 308 task_unlock(task);
309 return fs;
310}
311
312static int proc_cwd_link(struct inode *inode, struct dentry **dentry, struct vfsmount **mnt)
313{
314 struct fs_struct *fs = get_fs_struct(proc_task(inode));
315 int result = -ENOENT;
309 if (fs) { 316 if (fs) {
310 read_lock(&fs->lock); 317 read_lock(&fs->lock);
311 *mnt = mntget(fs->pwdmnt); 318 *mnt = mntget(fs->pwdmnt);
@@ -319,13 +326,8 @@ static int proc_cwd_link(struct inode *inode, struct dentry **dentry, struct vfs
319 326
320static int proc_root_link(struct inode *inode, struct dentry **dentry, struct vfsmount **mnt) 327static int proc_root_link(struct inode *inode, struct dentry **dentry, struct vfsmount **mnt)
321{ 328{
322 struct fs_struct *fs; 329 struct fs_struct *fs = get_fs_struct(proc_task(inode));
323 int result = -ENOENT; 330 int result = -ENOENT;
324 task_lock(proc_task(inode));
325 fs = proc_task(inode)->fs;
326 if(fs)
327 atomic_inc(&fs->count);
328 task_unlock(proc_task(inode));
329 if (fs) { 331 if (fs) {
330 read_lock(&fs->lock); 332 read_lock(&fs->lock);
331 *mnt = mntget(fs->rootmnt); 333 *mnt = mntget(fs->rootmnt);
@@ -344,33 +346,6 @@ static int proc_root_link(struct inode *inode, struct dentry **dentry, struct vf
344 (task->state == TASK_STOPPED || task->state == TASK_TRACED) && \ 346 (task->state == TASK_STOPPED || task->state == TASK_TRACED) && \
345 security_ptrace(current,task) == 0)) 347 security_ptrace(current,task) == 0))
346 348
347static int may_ptrace_attach(struct task_struct *task)
348{
349 int retval = 0;
350
351 task_lock(task);
352
353 if (!task->mm)
354 goto out;
355 if (((current->uid != task->euid) ||
356 (current->uid != task->suid) ||
357 (current->uid != task->uid) ||
358 (current->gid != task->egid) ||
359 (current->gid != task->sgid) ||
360 (current->gid != task->gid)) && !capable(CAP_SYS_PTRACE))
361 goto out;
362 rmb();
363 if (task->mm->dumpable != 1 && !capable(CAP_SYS_PTRACE))
364 goto out;
365 if (security_ptrace(current, task))
366 goto out;
367
368 retval = 1;
369out:
370 task_unlock(task);
371 return retval;
372}
373
374static int proc_pid_environ(struct task_struct *task, char * buffer) 349static int proc_pid_environ(struct task_struct *task, char * buffer)
375{ 350{
376 int res = 0; 351 int res = 0;
@@ -380,7 +355,7 @@ static int proc_pid_environ(struct task_struct *task, char * buffer)
380 if (len > PAGE_SIZE) 355 if (len > PAGE_SIZE)
381 len = PAGE_SIZE; 356 len = PAGE_SIZE;
382 res = access_process_vm(task, mm->env_start, buffer, len, 0); 357 res = access_process_vm(task, mm->env_start, buffer, len, 0);
383 if (!may_ptrace_attach(task)) 358 if (!ptrace_may_attach(task))
384 res = -ESRCH; 359 res = -ESRCH;
385 mmput(mm); 360 mmput(mm);
386 } 361 }
@@ -683,7 +658,7 @@ static ssize_t mem_read(struct file * file, char __user * buf,
683 int ret = -ESRCH; 658 int ret = -ESRCH;
684 struct mm_struct *mm; 659 struct mm_struct *mm;
685 660
686 if (!MAY_PTRACE(task) || !may_ptrace_attach(task)) 661 if (!MAY_PTRACE(task) || !ptrace_may_attach(task))
687 goto out; 662 goto out;
688 663
689 ret = -ENOMEM; 664 ret = -ENOMEM;
@@ -709,7 +684,7 @@ static ssize_t mem_read(struct file * file, char __user * buf,
709 684
710 this_len = (count > PAGE_SIZE) ? PAGE_SIZE : count; 685 this_len = (count > PAGE_SIZE) ? PAGE_SIZE : count;
711 retval = access_process_vm(task, src, page, this_len, 0); 686 retval = access_process_vm(task, src, page, this_len, 0);
712 if (!retval || !MAY_PTRACE(task) || !may_ptrace_attach(task)) { 687 if (!retval || !MAY_PTRACE(task) || !ptrace_may_attach(task)) {
713 if (!ret) 688 if (!ret)
714 ret = -EIO; 689 ret = -EIO;
715 break; 690 break;
@@ -747,7 +722,7 @@ static ssize_t mem_write(struct file * file, const char * buf,
747 struct task_struct *task = proc_task(file->f_dentry->d_inode); 722 struct task_struct *task = proc_task(file->f_dentry->d_inode);
748 unsigned long dst = *ppos; 723 unsigned long dst = *ppos;
749 724
750 if (!MAY_PTRACE(task) || !may_ptrace_attach(task)) 725 if (!MAY_PTRACE(task) || !ptrace_may_attach(task))
751 return -ESRCH; 726 return -ESRCH;
752 727
753 page = (char *)__get_free_page(GFP_USER); 728 page = (char *)__get_free_page(GFP_USER);
generated by cgit v1.2.2 (git 2.25.0) at 2025-10-27 17:13:06 -0400