Re: [PATCH 1/2] proc: protect ptrace_may_access() with exec_update_lock (part 1)

Next message: Claudiu Beznea: "[PATCH v6 00/18] Renesas: dmaengine and ASoC fixes"
Previous message: Claudiu Beznea: "[PATCH v6 10/18] dmaengine: sh: rz-dmac: Refactor pause/resume code"
Next in thread: Oleg Nesterov: "Re: [PATCH 1/2] proc: protect ptrace_may_access() with exec_update_lock (part 1)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Oleg Nesterov

Date: Tue May 26 2026 - 04:50:57 EST

On 05/18, Jann Horn wrote:
>
> Fix the easy cases where procfs currently calls ptrace_may_access() without
> exec_update_lock protection, where the fix is to simply add the extra lock
> or use mm_access():

I thought about this too, but I do not know if it is fine performance wise...

And what about proc_coredump_filter_write() which doesn't use ptrace_may_access() ?

AFAICS, we can't rely on the open-time checks. /proc/$pid/coredump_filter can
be opened for writing, the task can do suid exec after that, the file remains
writable.

Not a big deal, but still.

Oleg.