[PATCH v4 1/2] proc: pass file instead of inode to proc_mem_open

Kees Cook kees at kernel.org
Fri May 31 21:14:04 UTC 2024


On Fri, May 24, 2024 at 10:28:57PM +0300, Adrian Ratiu wrote:
> The file struct is required in proc_mem_open() so its
> f_mode can be checked when deciding whether to allow or
> deny /proc/*/mem open requests via the new read/write
> and foll_force restriction mechanism.
> 
> Thus instead of directly passing the inode to the fun,
> we pass the file and get the inode inside it.
> 
> Cc: Jann Horn <jannh at google.com>
> Cc: Kees Cook <keescook at chromium.org>
> Cc: Christian Brauner <brauner at kernel.org>
> Signed-off-by: Adrian Ratiu <adrian.ratiu at collabora.com>

With the nommu errors pointed out by 0day fixed:

Reviewed-by: Kees Cook <kees at kernel.org>

-- 
Kees Cook



More information about the Linux-security-module-archive mailing list