[PATCH 1/1] fs: forbid to open anon-inode files via /proc

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Oleg Nesterov <oleg@redhat.com>
To: Al Viro <viro@zeniv.linux.org.uk>,
	Stephen Rothwell <sfr@canb.auug.org.au>
Cc: Andrew Morton <akpm@linux-foundation.org>,
	linux-next@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: [PATCH 1/1] fs: forbid to open anon-inode files via /proc
Date: Sat, 9 Nov 2013 21:04:52 +0100	[thread overview]
Message-ID: <20131109200452.GB4967@redhat.com> (raw)
In-Reply-To: <20131109200424.GA4967@redhat.com>

open("/proc/pid/$anon-fd") should fail, we can't create the new
file with correctly. Currently this creates the bogus file with
->f_op == empty_fops copied from ->i_fop, this is harmless but
still wrong and misleading.

Now that anon_inode_fops has gone away we can add empty_no_open()
to disallow this. This affects anon_inode_getfile() and the new
aio_private_file().

Signed-off-by: Oleg Nesterov <oleg@redhat.com>
---
 fs/inode.c |    9 ++++++++-
 1 files changed, 8 insertions(+), 1 deletions(-)

diff --git a/fs/inode.c b/fs/inode.c
index 4bcdad3..b7c159c 100644
--- a/fs/inode.c
+++ b/fs/inode.c
@@ -114,6 +114,11 @@ int proc_nr_inodes(ctl_table *table, int write,
 }
 #endif
 
+static int empty_no_open(struct inode *inode, struct file *file)
+{
+	return -ENXIO;
+}
+
 /**
  * inode_init_always - perform inode structure intialisation
  * @sb: superblock inode belongs to
@@ -124,8 +129,10 @@ int proc_nr_inodes(ctl_table *table, int write,
  */
 int inode_init_always(struct super_block *sb, struct inode *inode)
 {
+	static const struct file_operations empty_fops = {
+		.open = empty_no_open,
+	};
 	static const struct inode_operations empty_iops;
-	static const struct file_operations empty_fops;
 	struct address_space *const mapping = &inode->i_data;
 
 	inode->i_sb = sb;
-- 
1.5.5.1

     prev parent reply	other threads:[~2013-11-09 20:03 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-11-08  7:30 linux-next: manual merge of the akpm-current tree with the vfs tree Stephen Rothwell
2013-11-08 12:59 ` Oleg Nesterov
2013-11-08 13:48   ` Oleg Nesterov
2013-11-09 20:04     ` [PATCH 0/1] fs: forbid to open anon-inode files via /proc Oleg Nesterov
2013-11-09 20:04       ` Oleg Nesterov [this message]

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:4bcdad3 dfblob:b7c159c )
 OR (
bs:"[PATCH 1/1] fs: forbid to open anon-inode files via /proc" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20131109200452.GB4967@redhat.com \
    --to=oleg@redhat.com \
    --cc=akpm@linux-foundation.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-next@vger.kernel.org \
    --cc=sfr@canb.auug.org.au \
    --cc=viro@zeniv.linux.org.uk \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.