* [PATCH 1/5] proc: make /proc/*/cmdline go through LSM
@ 2018-02-21 19:23 Alexey Dobriyan
  2018-02-21 19:26 ` [PATCH 2/5] proc: more "unsigned int" in /proc/*/cmdline Alexey Dobriyan
                   ` (3 more replies)
  0 siblings, 4 replies; 13+ messages in thread
From: Alexey Dobriyan @ 2018-02-21 19:23 UTC (permalink / raw)
  To: akpm; +Cc: linux-kernel

/proc/*/cmdline is not different from /proc/*/environ as it accesses
target task's memory (and can access the very same region of memory)
but it doesn't go through ptrace_may_access() and thus doesn't go through LSM.

Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com>
---

 fs/proc/base.c |   67 ++++++++++++++++++++++++++++-----------------------------
 1 file changed, 33 insertions(+), 34 deletions(-)

--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -208,11 +208,34 @@ static int proc_root_link(struct dentry *dentry, struct path *path)
 	return result;
 }
 
+static int __mem_open(struct inode *inode, struct file *file, unsigned int mode)
+{
+	struct mm_struct *mm = proc_mem_open(inode, mode);
+
+	if (IS_ERR(mm))
+		return PTR_ERR(mm);
+
+	file->private_data = mm;
+	return 0;
+}
+
+static int proc_pid_cmdline_open(struct inode *inode, struct file *file)
+{
+	return __mem_open(inode, file, PTRACE_MODE_READ);
+}
+
+static int mem_release(struct inode *inode, struct file *file)
+{
+	struct mm_struct *mm = file->private_data;
+	if (mm)
+		mmdrop(mm);
+	return 0;
+}
+
 static ssize_t proc_pid_cmdline_read(struct file *file, char __user *buf,
 				     size_t _count, loff_t *pos)
 {
-	struct task_struct *tsk;
-	struct mm_struct *mm;
+	struct mm_struct *mm = file->private_data;
 	char *page;
 	unsigned long count = _count;
 	unsigned long arg_start, arg_end, env_start, env_end;
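Review bot: `proc_pid_cmdline_open()` makes `open()` itself subject to the `PTRACE_MODE_READ` check, so a reader that fails it now gets an error from `open()` where it could previously read the file, and neither the changelog nor a comment mentions that user-visible change. Tools that list other users' processes read this file, so the effect on them, and under LSM policies that restrict ptrace read access, should be stated in the commit message and checked against the mode this entry is registered with, which is outside the hunk. The check also runs once at open rather than on every read, so the descriptor keeps access to the pinned mm for its lifetime, as with `mem_open()`, the other caller of `__mem_open()`; a comment above `proc_pid_cmdline_open()` such as `/* Access is checked once, at open; reads use the mm pinned in ->private_data. */` would record that. `proc_mem_open()` is not shown here, so the exact error returned is inferred.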
@@ -223,18 +246,11 @@ static ssize_t proc_pid_cmdline_read(struct file *file, char __user *buf,
 
 	BUG_ON(*pos < 0);
 
-	tsk = get_proc_task(file_inode(file));
-	if (!tsk)
-		return -ESRCH;
-	mm = get_task_mm(tsk);
-	put_task_struct(tsk);
-	if (!mm)
-		return 0;
 	/* Check if process spawned far enough to have cmdline. */
-	if (!mm->env_end) {
-		rv = 0;
-		goto out_mmput;
-	}
+	if (!mm || !mm->env_end)
+		return 0;
+	if (!mmget_not_zero(mm))
+		return 0;
 
 	page = (char *)__get_free_page(GFP_KERNEL);
 	if (!page) {
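Review bot: The new early returns turn every failure before the page allocation into a 0-byte read: the `-ESRCH` that the removed code returned for a vanished task is gone, and a failed `mmget_not_zero()` is also reported as end-of-file. If callers are meant to tell an exited process from an empty command line, that deserves a line in the changelog; if not, a comment should say the EOF is deliberate. It would also help to record why the extra reference is taken, given that the release handler only calls `mmdrop()`: `/* open() pinned the mm_struct only (mm_count); take mm_users before reading the address space. */` above the `mmget_not_zero()` call. The rest of `proc_pid_cmdline_read()`, including the matching put, lies outside this hunk.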
@@ -376,8 +392,10 @@ static ssize_t proc_pid_cmdline_read(struct file *file, char __user *buf,
 }
 
 static const struct file_operations proc_pid_cmdline_ops = {
-	.read	= proc_pid_cmdline_read,
-	.llseek	= generic_file_llseek,
+	.open		= proc_pid_cmdline_open,
+	.read		= proc_pid_cmdline_read,
+	.llseek		= generic_file_llseek,
+	.release	= mem_release,
 };
 
 #ifdef CONFIG_KALLSYMS
@@ -786,17 +804,6 @@ struct mm_struct *proc_mem_open(struct inode *inode, unsigned int mode)
 	return mm;
 }
 
-static int __mem_open(struct inode *inode, struct file *file, unsigned int mode)
-{
-	struct mm_struct *mm = proc_mem_open(inode, mode);
-
-	if (IS_ERR(mm))
-		return PTR_ERR(mm);
-
-	file->private_data = mm;
-	return 0;
-}
-
 static int mem_open(struct inode *inode, struct file *file)
 {
 	int ret = __mem_open(inode, file, PTRACE_MODE_ATTACH);
@@ -890,14 +897,6 @@ loff_t mem_lseek(struct file *file, loff_t offset, int orig)
 	return file->f_pos;
 }
 
-static int mem_release(struct inode *inode, struct file *file)
-{
-	struct mm_struct *mm = file->private_data;
-	if (mm)
-		mmdrop(mm);
-	return 0;
-}
-
 static const struct file_operations proc_mem_operations = {
 	.llseek		= mem_lseek,
 	.read		= mem_read,


Thread overview: 13+ messages (download: mbox.gz / follow: Atom feed)
2018-02-21 19:23 [PATCH 1/5] proc: make /proc/*/cmdline go through LSM Alexey Dobriyan
2018-02-21 19:26 ` [PATCH 2/5] proc: more "unsigned int" in /proc/*/cmdline Alexey Dobriyan
2018-02-21 19:27   ` [PATCH 3/5] proc: somewhat simpler code for /proc/*/cmdline Alexey Dobriyan
2018-02-21 19:30     ` [PATCH 4/5] proc: simpler iterations " Alexey Dobriyan
2018-02-21 19:33       ` [PATCH 5/5] proc: deduplicate /proc/*/cmdline implementation Alexey Dobriyan
2018-04-20  0:15       ` [PATCH 4/5] proc: simpler iterations for /proc/*/cmdline Andrew Morton
2018-04-20 19:46         ` Alexey Dobriyan
2018-02-21 19:28 ` [PATCH 1/5] proc: make /proc/*/cmdline go through LSM Andy Shevchenko
2018-02-21 19:39   ` Alexey Dobriyan
2018-02-21 20:06 ` Andrew Morton
2018-02-23 19:43   ` [PATCH v2 " Alexey Dobriyan
2018-04-20  0:02 ` [PATCH " Andrew Morton
2018-04-20 19:25   ` Alexey Dobriyan
