summaryrefslogtreecommitdiff
path: root/fs/proc/inode.c
diff options
context:
space:
mode:
authorEric W. Biederman <ebiederm@xmission.com>2011-06-19 04:48:18 +0400
committerEric W. Biederman <ebiederm@xmission.com>2012-11-20 16:19:48 +0400
commitbf056bfa80596a5d14b26b17276a56a0dcb080e5 (patch)
tree116db3255e1b75a92b30b72afe416aa941109e9f /fs/proc/inode.c
parent33d6dce607573b5fd7a43168e0d91221b3ca532b (diff)
downloadlinux-bf056bfa80596a5d14b26b17276a56a0dcb080e5.tar.xz
proc: Fix the namespace inode permission checks.
Change the proc namespace files into symlinks so that we won't cache the dentries for the namespace files which can bypass the ptrace_may_access checks. To support the symlinks create an additional namespace inode with it's own set of operations distinct from the proc pid inode and dentry methods as those no longer make sense. Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Diffstat (limited to 'fs/proc/inode.c')
-rw-r--r--fs/proc/inode.c6
1 files changed, 4 insertions, 2 deletions
diff --git a/fs/proc/inode.c b/fs/proc/inode.c
index 3b22bbdee9ec..439ae6886507 100644
--- a/fs/proc/inode.c
+++ b/fs/proc/inode.c
@@ -31,6 +31,7 @@ static void proc_evict_inode(struct inode *inode)
struct proc_dir_entry *de;
struct ctl_table_header *head;
const struct proc_ns_operations *ns_ops;
+ void *ns;
truncate_inode_pages(&inode->i_data, 0);
clear_inode(inode);
@@ -49,8 +50,9 @@ static void proc_evict_inode(struct inode *inode)
}
/* Release any associated namespace */
ns_ops = PROC_I(inode)->ns_ops;
- if (ns_ops && ns_ops->put)
- ns_ops->put(PROC_I(inode)->ns);
+ ns = PROC_I(inode)->ns;
+ if (ns_ops && ns)
+ ns_ops->put(ns);
}
static struct kmem_cache * proc_inode_cachep;