[PATCH v4 1/2] proc: pass file instead of inode to proc_mem_open
Kees Cook
kees at kernel.org
Fri May 31 21:14:04 UTC 2024
On Fri, May 24, 2024 at 10:28:57PM +0300, Adrian Ratiu wrote:
> The file struct is required in proc_mem_open() so its
> f_mode can be checked when deciding whether to allow or
> deny /proc/*/mem open requests via the new read/write
> and foll_force restriction mechanism.
>
> Thus instead of directly passing the inode to the fun,
> we pass the file and get the inode inside it.
>
> Cc: Jann Horn <jannh at google.com>
> Cc: Kees Cook <keescook at chromium.org>
> Cc: Christian Brauner <brauner at kernel.org>
> Signed-off-by: Adrian Ratiu <adrian.ratiu at collabora.com>
With the nommu errors pointed out by 0day fixed:
Reviewed-by: Kees Cook <kees at kernel.org>
--
Kees Cook
More information about the Linux-security-module-archive
mailing list