summaryrefslogtreecommitdiff
path: root/fs/proc
diff options
context:
space:
mode:
authorJan Kara <jack@suse.cz>2019-05-15 17:28:34 +0300
committerJan Kara <jack@suse.cz>2019-05-28 19:10:07 +0300
commit0b3b094ac9a7bb1fcf5d694f3ec981e6864a63d3 (patch)
tree71e5065d0213798e38d809f0d32fcbba047db6e5 /fs/proc
parentcd6c84d8f0cdc911df435bb075ba22ce3c605b07 (diff)
downloadlinux-0b3b094ac9a7bb1fcf5d694f3ec981e6864a63d3.tar.xz
fanotify: Disallow permission events for proc filesystem
Proc filesystem has special locking rules for various files. Thus fanotify which opens files on event delivery can easily deadlock against another process that waits for fanotify permission event to be handled. Since permission events on /proc have doubtful value anyway, just disallow them. Link: https://lore.kernel.org/linux-fsdevel/20190320131642.GE9485@quack2.suse.cz/ Reviewed-by: Amir Goldstein <amir73il@gmail.com> Signed-off-by: Jan Kara <jack@suse.cz>
Diffstat (limited to 'fs/proc')
-rw-r--r--fs/proc/root.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/fs/proc/root.c b/fs/proc/root.c
index 8b145e7b9661..522199e9525e 100644
--- a/fs/proc/root.c
+++ b/fs/proc/root.c
@@ -211,7 +211,7 @@ static struct file_system_type proc_fs_type = {
.init_fs_context = proc_init_fs_context,
.parameters = &proc_fs_parameters,
.kill_sb = proc_kill_sb,
- .fs_flags = FS_USERNS_MOUNT,
+ .fs_flags = FS_USERNS_MOUNT | FS_DISALLOW_NOTIFY_PERM,
};
void __init proc_root_init(void)