From: Christian Brauner <brauner@kernel.org>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Christian Brauner <brauner@kernel.org>,
linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: [GIT PULL] procfs fixes
Date: Thu, 24 Aug 2023 16:48:31 +0200 [thread overview]
Message-ID: <20230824-inventar-wissen-d7801fbc9bf9@brauner> (raw)
Hey Linus,
/* Summary */
Mode changes to files under /proc/<pid>/ aren't supported ever since
6d76fa58b050 ("Don't allow chmod() on the /proc/<pid>/ files").
Due to an oversight in commit 1b3044e39a89 ("procfs: fix pthread
cross-thread naming if !PR_DUMPABLE") in switching from REG to NOD,
mode changes on /proc/thread-self/comm were accidently allowed.
Similar, mode changes for all files beneath /proc/<pid>/net/ are blocked
but mode changes on /proc/<pid>/net itself were accidently allowed.
Both issues come down to not using the generic proc_setattr() helper
which blocks all mode changes. This is rectified with this pull request.
This also removes a strange nolibc test that abused /proc/<pid>/net for
testing mode changes. Using procfs for this test never made a lot of
sense given procfs has special semantics for almost everything anway.
Both changes are minor user-visible changes. It is however very unlikely
that mode changes on proc/<pid>/net and /proc/thread-self/comm are
something that userspace relies on.
/* Testing */
clang: Ubuntu clang version 15.0.7
gcc: (Ubuntu 12.2.0-3ubuntu1) 12.2.0
All patches are based on v6.5-rc1 and have been sitting in linux-next.
No build failures or warnings were observed.
/* Conflicts */
(1) linux-next: manual merge of the nolibc tree with the vfs-brauner tree
https://lore.kernel.org/lkml/20230824141008.27f7270b@canb.auug.org.au
The following changes since commit 06c2afb862f9da8dc5efa4b6076a0e48c3fbaaa5:
Linux 6.5-rc1 (2023-07-09 13:53:13 -0700)
are available in the Git repository at:
git@gitolite.kernel.org:pub/scm/linux/kernel/git/vfs/vfs tags/v6.6-fs.proc.uapi
for you to fetch changes up to ccf61486fe1e1a48e18c638d1813cda77b3c0737:
procfs: block chmod on /proc/thread-self/comm (2023-07-13 16:30:52 +0200)
Please consider pulling these changes from the signed v6.6-fs.proc.uapi tag.
Thanks!
Christian
----------------------------------------------------------------
v6.6-fs.proc.uapi
----------------------------------------------------------------
Aleksa Sarai (1):
procfs: block chmod on /proc/thread-self/comm
Thomas Weißschuh (2):
selftests/nolibc: drop test chmod_net
proc: use generic setattr() for /proc/$PID/net
fs/proc/base.c | 3 ++-
fs/proc/proc_net.c | 1 +
tools/testing/selftests/nolibc/nolibc-test.c | 1 -
3 files changed, 3 insertions(+), 2 deletions(-)
next reply other threads:[~2023-08-24 14:49 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-08-24 14:48 Christian Brauner [this message]
2023-08-28 20:15 ` [GIT PULL] procfs fixes pr-tracker-bot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230824-inventar-wissen-d7801fbc9bf9@brauner \
--to=brauner@kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).