diff options
author | Jan Kara <jack@suse.cz> | 2019-05-15 17:28:34 +0300 |
---|---|---|
committer | Jan Kara <jack@suse.cz> | 2019-05-28 19:10:07 +0300 |
commit | 0b3b094ac9a7bb1fcf5d694f3ec981e6864a63d3 (patch) | |
tree | 71e5065d0213798e38d809f0d32fcbba047db6e5 /fs/proc | |
parent | cd6c84d8f0cdc911df435bb075ba22ce3c605b07 (diff) | |
download | linux-0b3b094ac9a7bb1fcf5d694f3ec981e6864a63d3.tar.xz |
fanotify: Disallow permission events for proc filesystem
Proc filesystem has special locking rules for various files. Thus
fanotify which opens files on event delivery can easily deadlock
against another process that waits for fanotify permission event to be
handled. Since permission events on /proc have doubtful value anyway,
just disallow them.
Link: https://lore.kernel.org/linux-fsdevel/20190320131642.GE9485@quack2.suse.cz/
Reviewed-by: Amir Goldstein <amir73il@gmail.com>
Signed-off-by: Jan Kara <jack@suse.cz>
Diffstat (limited to 'fs/proc')
-rw-r--r-- | fs/proc/root.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/fs/proc/root.c b/fs/proc/root.c index 8b145e7b9661..522199e9525e 100644 --- a/fs/proc/root.c +++ b/fs/proc/root.c @@ -211,7 +211,7 @@ static struct file_system_type proc_fs_type = { .init_fs_context = proc_init_fs_context, .parameters = &proc_fs_parameters, .kill_sb = proc_kill_sb, - .fs_flags = FS_USERNS_MOUNT, + .fs_flags = FS_USERNS_MOUNT | FS_DISALLOW_NOTIFY_PERM, }; void __init proc_root_init(void) |