Re: [PATCH v9 4/5] proc: Skip the visibility check if subset=pid is used
From: Aleksa Sarai
Date: Thu Apr 16 2026 - 08:34:41 EST
On 2026-04-13, Alexey Gladkov <legion@xxxxxxxxxx> wrote:
> When procfs is mounted with the subset=pid option, all system files and
> directories from the root of the filesystem are not accessible in
> userspace. Only dynamic information about processes is available, which
> cannot be hidden with overmount.
>
> For this reason, checking for full visibility is not relevant if mounting
> is performed with the subset=pid option.
>
> Signed-off-by: Alexey Gladkov <legion@xxxxxxxxxx>
> ---
> -static bool mount_too_revealing(const struct super_block *sb, int *new_mnt_flags)
> +static bool mount_too_revealing(struct fs_context *fc, int *new_mnt_flags)
> {
> const unsigned long required_iflags = SB_I_NOEXEC | SB_I_NODEV;
> struct mnt_namespace *ns = current->nsproxy->mnt_ns;
> + const struct super_block *sb = fc->root->d_sb;
> unsigned long s_iflags;
>
> if (ns->user_ns == &init_user_ns)
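Review bot: `fc->root->d_sb` is dereferenced unconditionally in the new `sb` initialiser, and the callers are not part of this hunk, so it is worth confirming that mount_too_revealing() is only reached once `fc->root` has been populated; otherwise the signature change turns a valid `fc` into a NULL dereference. A short comment at the top of the function saying why an fs_context (rather than the super block) is now needed would also help, since the only reason visible here is the later `skip_visibility` check.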
> @@ -6388,7 +6387,7 @@ static bool mount_too_revealing(const struct super_block *sb, int *new_mnt_flags
> return true;
> }
>
> - return !mnt_already_visible(ns, sb, new_mnt_flags);
> + return (!fc->skip_visibility && !mnt_already_visible(ns, sb, new_mnt_flags));
> }
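Review bot: the `!fc->skip_visibility` short-circuit on the return line only exempts the mount currently being created; it does not change what mnt_already_visible() sees, so a subset=pid mount admitted this way still counts as a visible procfs instance for any later full procfs mount in the same namespace, which then passes the check it was meant to fail. Suggest also skipping, inside mnt_already_visible(), the existing mounts that were created with skip_visibility set, so a restricted mount never vouches for an unrestricted one. Minor: the outer parentheses are redundant; `return !fc->skip_visibility && !mnt_already_visible(ns, sb, new_mnt_flags);` matches the surrounding style.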
Unless I'm missing something (I haven't tested this locally yet, sorry),
this will allow you to bypass mount_too_revealing() even for
non-subset=pid mounts because once you create a subset=pid mount then a
regular procfs mount will see the subset=pid mount and permit it.
I think the solution is quite simple -- you can also skip super-blocks
that have fc->skip_visibility set in mnt_already_visible().
Unfortunately, the fact that both subset=pid and fully-loaded procfs
look like the same type (procfs) to mnt_already_visible() is something
people have already exploited in userspace. (The k8s workaround from a
long time ago used subset=pid from a dead pidns to stop the mount from
being useful to an attacker while still bypassing mount_too_revealing().
That being said, that workaround was removed a long time ago and I don't
know how widespread this is.)
I'd be happy to give it a shot but if it breaks userspace we might need
a new mount option to work around it...
--
Aleksa Sarai
https://www.cyphar.com/