Re: [PATCH] proc: advertise new restrictions on /proc/*/maps & /proc/*/smaps

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

From: Guillaume Chazarain <guichaz@yahoo.fr>
To: Al Viro <viro@ZenIV.linux.org.uk>
Cc: Rik van Riel <riel@redhat.com>, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] proc: advertise new restrictions on /proc/*/maps & /proc/*/smaps
Date: Fri, 4 Jan 2008 12:15:02 +0100	[thread overview]
Message-ID: <20080104121502.2e6ccaa1@inria.fr> (raw)
In-Reply-To: <20080103235736.GW27894@ZenIV.linux.org.uk>

Al Viro <viro@ZenIV.linux.org.uk> wrote:

> The whole point is that we have to reject it at read() time, not open()
> time.

Yes, my patch was a complement to yours to propagate the -EPERM in easy
cases. As you noted it added restrictions on reading /proc/*/maps, even
though I found them acceptable.

How about this instead?

Maybe you'd prefer to propagate the actual -EPERM from
__ptrace_may_attach but that would be more invasive.

Sidenote: do you think a sparse annotation to check IS_ERR/PTR_ERR
usage would make sense?

proc: return -EPERM when preventing read of /proc/*/maps

Return an error instead of successfully reading an empty file.

Signed-off-by: Guillaume Chazarain <guichaz@yahoo.fr>
---

 fs/proc/base.c       |    2 +-
 fs/proc/task_mmu.c   |    8 +++++---
 fs/proc/task_nommu.c |    4 ++--
 3 files changed, 8 insertions(+), 6 deletions(-)


diff --git a/fs/proc/base.c b/fs/proc/base.c
index 7411bfb..3aebc85 100644
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -219,7 +219,7 @@ out:
 	task_unlock(task);
 	up_read(&mm->mmap_sem);
 	mmput(mm);
-	return NULL;
+	return ERR_PTR(-EPERM);
 }
 
 static int proc_pid_cmdline(struct task_struct *task, char * buffer)
diff --git a/fs/proc/task_mmu.c b/fs/proc/task_mmu.c
index 8043a3e..db57e65 100644
--- a/fs/proc/task_mmu.c
+++ b/fs/proc/task_mmu.c
@@ -398,8 +398,8 @@ static void *m_start(struct seq_file *m, loff_t
*pos) return NULL;
 
 	mm = mm_for_maps(priv->task);
-	if (!mm)
-		return NULL;
+	if (IS_ERR(mm) || !mm)
+		return mm;
 
 	priv->tail_vma = tail_vma = get_gate_vma(priv->task);
 
@@ -437,7 +437,7 @@ out:
 
 static void vma_stop(struct proc_maps_private *priv, struct
vm_area_struct *vma) {
-	if (vma && vma != priv->tail_vma) {
+	if (vma && !IS_ERR(vma) && vma != priv->tail_vma) {
 		struct mm_struct *mm = vma->vm_mm;
 		up_read(&mm->mmap_sem);
 		mmput(mm);
@@ -451,6 +451,8 @@ static void *m_next(struct seq_file *m, void *v,
loff_t *pos) struct vm_area_struct *tail_vma = priv->tail_vma;
 
 	(*pos)++;
+	if (IS_ERR(vma))
+		return vma;
 	if (vma && (vma != tail_vma) && vma->vm_next)
 		return vma->vm_next;
 	vma_stop(priv, vma);
diff --git a/fs/proc/task_nommu.c b/fs/proc/task_nommu.c
index 1932c2c..53cb062 100644
--- a/fs/proc/task_nommu.c
+++ b/fs/proc/task_nommu.c
@@ -166,10 +166,10 @@ static void *m_start(struct seq_file *m, loff_t
*pos) return NULL;
 
 	mm = mm_for_maps(priv->task);
-	if (!mm) {
+	if (IS_ERR(mm) || !mm) {
 		put_task_struct(priv->task);
 		priv->task = NULL;
-		return NULL;
+		return mm;
 	}
 
 	/* start from the Nth VMA */


-- 
Guillaume

next prev parent reply	other threads:[~2008-01-04 11:15 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2008-01-03 23:51 [PATCH] proc: advertise new restrictions on /proc/*/maps & /proc/*/smaps Guillaume Chazarain
2008-01-03 23:57 ` Al Viro
2008-01-04 11:15   ` Guillaume Chazarain [this message]
2008-01-04 11:38     ` Al Viro

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:7411bfb dfblob:3aebc85 dfblob:8043a3e dfblob:db57e65
dfblob:1932c2c dfblob:53cb062 )
 OR (
bs:"Re: [PATCH] proc: advertise new restrictions on /proc/*/maps & /proc/*/smaps" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20080104121502.2e6ccaa1@inria.fr \
    --to=guichaz@yahoo.fr \
    --cc=linux-kernel@vger.kernel.org \
    --cc=riel@redhat.com \
    --cc=viro@ZenIV.linux.org.uk \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox