- allow-access-to-proc-pid-fd-after-setuid.patch removed from -mm tree

akpm@xxxxxxxxxxxxxxxxxxxx · Tue, 08 May 2007 19:43:58 -0700

The patch titled
     Allow access to /proc/$PID/fd after setuid()
has been removed from the -mm tree.  Its filename was
     allow-access-to-proc-pid-fd-after-setuid.patch

This patch was dropped because it was merged into mainline or a subsystem tree

------------------------------------------------------
Subject: Allow access to /proc/$PID/fd after setuid()
From: Alexey Dobriyan <adobriyan@xxxxxxxxxx>

/proc/$PID/fd has r-x------ permissions, so if process does setuid(), it
will not be able to access /proc/*/fd/. This breaks fstatat() emulation
in glibc.

open("foo", O_RDONLY|O_DIRECTORY)       = 4
setuid32(65534)                         = 0
stat64("/proc/self/fd/4/bar", 0xbfafb298) = -1 EACCES (Permission denied)

Signed-off-by: Alexey Dobriyan <adobriyan@xxxxxxxxxx>
Cc: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
Cc: James Morris <jmorris@xxxxxxxxx>
Cc: Chris Wright <chrisw@xxxxxxxxxxxx>
Cc: Ulrich Drepper <drepper@xxxxxxxxxx>
Cc: Oleg Nesterov <oleg@xxxxxxxxxx>
Acked-By: Kirill Korotaev <dev@xxxxxxxxxx>
Cc: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
Cc: Christoph Hellwig <hch@xxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
---

 fs/proc/base.c |   18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff -puN fs/proc/base.c~allow-access-to-proc-pid-fd-after-setuid fs/proc/base.c

--- a/fs/proc/base.c~allow-access-to-proc-pid-fd-after-setuid
+++ a/fs/proc/base.c
@@ -1448,10 +1448,28 @@ static const struct file_operations proc
 };
 
 /*
+ * /proc/pid/fd needs a special permission handler so that a process can still
+ * access /proc/self/fd after it has executed a setuid().
+ */
+static int proc_fd_permission(struct inode *inode, int mask,
+				struct nameidata *nd)
+{
+	int rv;
+
+	rv = generic_permission(inode, mask, NULL);
+	if (rv == 0)
+		return 0;
+	if (task_pid(current) == proc_pid(inode))
+		rv = 0;
+	return rv;
+}
+
+/*
  * proc directories can do almost nothing..
  */
 static const struct inode_operations proc_fd_inode_operations = {
 	.lookup		= proc_lookupfd,
+	.permission	= proc_fd_permission,
 	.setattr	= proc_setattr,
 };
 
_

Patches currently in -mm which might be from adobriyan@xxxxxxxxxx are

origin.patch
git-ia64.patch
git-parisc.patch
x86-msr-add-support-for-safe-variants.patch

-
To unsubscribe from this list: send the line "unsubscribe mm-commits" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




