[PATCH 07/23] proc: Remove bogus proc_task_permission.

From: Eric W. Biederman
Date: Thu Feb 23 2006 - 11:04:29 EST



First we can access every /proc/<tgid>/task/<pid> directory as
/proc/<pid> so proc_task_permission is not usefully limiting
visibility.

Second having related filesystems information should have nothing to
do with process visibility. kill does not implement any checks
like that.

It looks like proc_task_permission was added when the /proc/<tgid>/task
directories were added and someone misunderstood what proc_permission
was trying to accomplish.

Signed-off-by: Eric W. Biederman <ebiederm@xxxxxxxxxxxx>


---

fs/proc/base.c | 63 --------------------------------------------------------
1 files changed, 0 insertions(+), 63 deletions(-)

e1ab81806f60fd8ccda2773f9cdadd05990b5e81
diff --git a/fs/proc/base.c b/fs/proc/base.c
index 8357c52..8b938ef 100644
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -350,54 +350,6 @@ static int proc_root_link(struct inode *
return result;
}

-
-/* Same as proc_root_link, but this addionally tries to get fs from other
- * threads in the group */
-static int proc_task_root_link(struct inode *inode, struct dentry **dentry,
- struct vfsmount **mnt)
-{
- struct fs_struct *fs;
- int result = -ENOENT;
- struct task_struct *leader = proc_task(inode);
-
- task_lock(leader);
- fs = leader->fs;
- if (fs) {
- atomic_inc(&fs->count);
- task_unlock(leader);
- } else {
- /* Try to get fs from other threads */
- task_unlock(leader);
- read_lock(&tasklist_lock);
- if (pid_alive(leader)) {
- struct task_struct *task = leader;
-
- while ((task = next_thread(task)) != leader) {
- task_lock(task);
- fs = task->fs;
- if (fs) {
- atomic_inc(&fs->count);
- task_unlock(task);
- break;
- }
- task_unlock(task);
- }
- }
- read_unlock(&tasklist_lock);
- }
-
- if (fs) {
- read_lock(&fs->lock);
- *mnt = mntget(fs->rootmnt);
- *dentry = dget(fs->root);
- read_unlock(&fs->lock);
- result = 0;
- put_fs_struct(fs);
- }
- return result;
-}
-
-
#define MAY_PTRACE(task) \
(task == current || \
(task->parent == current && \
@@ -586,20 +538,6 @@ static int proc_permission(struct inode
return proc_check_root(inode);
}

-static int proc_task_permission(struct inode *inode, int mask, struct nameidata *nd)
-{
- struct dentry *root;
- struct vfsmount *vfsmnt;
-
- if (generic_permission(inode, mask, NULL) != 0)
- return -EACCES;
-
- if (proc_task_root_link(inode, &root, &vfsmnt))
- return -ENOENT;
-
- return proc_check_chroot(root, vfsmnt);
-}
-
extern struct seq_operations proc_pid_maps_op;
static int maps_open(struct inode *inode, struct file *file)
{
@@ -1531,7 +1469,6 @@ static struct inode_operations proc_fd_i

static struct inode_operations proc_task_inode_operations = {
.lookup = proc_task_lookup,
- .permission = proc_task_permission,
};

#ifdef CONFIG_SECURITY
--
1.2.2.g709a

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/