• Oleg Nesterov's avatar
    fs/proc/task_mmu.c: shift mm_access() from m_start() to proc_maps_open() · 29a40ace
    Oleg Nesterov authored
    A simple test-case from Kirill Shutemov
    
    	cat /proc/self/maps >/dev/null
    	chmod +x /proc/self/net/packet
    	exec /proc/self/net/packet
    
    makes lockdep unhappy, cat/exec take seq_file->lock + cred_guard_mutex in
    the opposite order.
    
    It's a false positive and probably we should not allow "chmod +x" on proc
    files. Still I think that we should avoid mm_access() and cred_guard_mutex
    in sys_read() paths, security checking should happen at open time. Besides,
    this doesn't even look right if the task changes its ->mm between m_stop()
    and m_start().
    
    Add the new "mm_struct *mm" member into struct proc_maps_private and change
    proc_maps_open() to initialize it using proc_mem_open(). Change m_start() to
    use priv->mm if atomic_inc_not_zero(mm_users) succeeds or return NULL (eof)
    otherwise.
    
    The only complication is that proc_maps_open() users should additionally do
    mmdrop() in fop->release(), add the new proc_map_release() helper for that.
    
    Note: this is the user-visible change, if the task execs after open("maps")
    the new ->mm won't be visible via this file. I hope this is fine, and this
    matches /proc/pid/mem bahaviour.
    
    [akpm@linux-foundation.org: coding-style fixes]
    Signed-off-by: default avatarOleg Nesterov <oleg@redhat.com>
    Reported-by: default avatar"Kirill A. Shutemov" <kirill@shutemov.name>
    Acked-by: default avatarKirill A. Shutemov <kirill.shutemov@linux.intel.com>
    Acked-by: default avatarCyrill Gorcunov <gorcunov@openvz.org>
    Cc: "Eric W. Biederman" <ebiederm@xmission.com>
    Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
    Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
    29a40ace
task_mmu.c 39 KB