[PATCH v8 07/11] proc: flush task dcache entries from all procfs instances
Al Viro
viro at zeniv.linux.org.uk
Tue Feb 11 22:45:53 UTC 2020
On Mon, Feb 10, 2020 at 04:05:15PM +0100, Alexey Gladkov wrote:
> This allows to flush dcache entries of a task on multiple procfs mounts
> per pid namespace.
>
> The RCU lock is used because the number of reads at the task exit time
> is much larger than the number of procfs mounts.
>
> Cc: Kees Cook <keescook at chromium.org>
> Cc: Andy Lutomirski <luto at kernel.org>
> Signed-off-by: Djalal Harouni <tixxdz at gmail.com>
> Suggested-by: Linus Torvalds <torvalds at linux-foundation.org>
> Signed-off-by: Alexey Gladkov <gladkov.alexey at gmail.com>
> ---
> fs/proc/base.c | 20 +++++++++++++++-----
> fs/proc/root.c | 27 ++++++++++++++++++++++++++-
> include/linux/pid_namespace.h | 2 ++
> include/linux/proc_fs.h | 2 ++
> 4 files changed, 45 insertions(+), 6 deletions(-)
>
> diff --git a/fs/proc/base.c b/fs/proc/base.c
> index 4ccb280a3e79..24b7c620ded3 100644
> --- a/fs/proc/base.c
> +++ b/fs/proc/base.c
> @@ -3133,7 +3133,7 @@ static const struct inode_operations proc_tgid_base_inode_operations = {
> .permission = proc_pid_permission,
> };
>
> -static void proc_flush_task_mnt(struct vfsmount *mnt, pid_t pid, pid_t tgid)
> +static void proc_flush_task_mnt_root(struct dentry *mnt_root, pid_t pid, pid_t tgid)
> {
> struct dentry *dentry, *leader, *dir;
> char buf[10 + 1];
> @@ -3142,7 +3142,7 @@ static void proc_flush_task_mnt(struct vfsmount *mnt, pid_t pid, pid_t tgid)
> name.name = buf;
> name.len = snprintf(buf, sizeof(buf), "%u", pid);
> /* no ->d_hash() rejects on procfs */
> - dentry = d_hash_and_lookup(mnt->mnt_root, &name);
> + dentry = d_hash_and_lookup(mnt_root, &name);
> if (dentry) {
> d_invalidate(dentry);
... which can block
> dput(dentry);
... and so can this
> + rcu_read_lock();
> + list_for_each_entry_rcu(fs_info, &upid->ns->proc_mounts, pidns_entry) {
> + mnt_root = fs_info->m_super->s_root;
> + proc_flush_task_mnt_root(mnt_root, upid->nr, tgid->numbers[i].nr);
... making that more than slightly unsafe.
More information about the Linux-security-module-archive
mailing list