[PATCH 0/3] pidfs: small fixes

[Christian Brauner]

Three independent pidfs bug fixes, each with a Fixes: tag.

Patch 1 fixes PIDFD_THREAD flag loss when pidfds are opened via file
handles. PIDFD_THREAD is defined as O_EXCL, and do_dentry_open() strips
O_EXCL from f_flags, so thread pidfds obtained via open_by_handle_at()
silently end up with PIDTYPE_TGID scope. pidfs_alloc_file() already
restored the flag after dentry_open(); factor that into a shared
pidfs_open_file() helper and use it from pidfs_export_open() too.
Without this, pidfd_send_signal() on a thread pidfd reopened from a
file handle delivers to the entire thread group instead of the
specific thread.

Patch 2 fixes pidfs_xattr_get() returning 0 when no xattrs have ever
been set (attr->xattrs == NULL). The VFS interprets 0 as "xattr exists
with a zero-length value", so getxattr() on a pidfd reports success
for non-existent xattrs. Return -ENODATA instead, matching
simple_xattr_get().

Patch 3 enforces the documented PIDFD_GET_INFO contract that the
kernel must not set a mask bit unless the user buffer is large enough
to carry the corresponding field. Today PIDFD_INFO_COREDUMP,
PIDFD_INFO_COREDUMP_SIGNAL and PIDFD_INFO_SUPPORTED_MASK are returned
in the mask without checking usize against PIDFD_INFO_SIZE_VER1/VER2.
copy_struct_to_user() stops at min(usize, ksize) so no kernel memory
leaks, but userspace that trusts the mask as documented will read its
own uninitialized buffer as if it were valid data. Gate the mask bits
on usize.

Signed-off-by: Christian Brauner (Amutable) <brauner@xxxxxxxxxx>
---
Christian Brauner (3):
      pidfs: fix PIDFD_THREAD flag loss when opening pidfds via file handles
      pidfs: return -ENODATA from pidfs_xattr_get() when no xattrs exist
      pidfs: don't report pidfd_info fields that won't fit in the user buffer

 fs/pidfs.c | 38 +++++++++++++++++++++++---------------
 1 file changed, 23 insertions(+), 15 deletions(-)
---
base-commit: e774d5f1bc27a85f858bce7688509e866f8e8a4e
change-id: 20260420-work-pidfs-6152879f9434