diff options
| author | Eric W. Biederman <ebiederm@xmission.com> | 2020-03-02 16:00:33 -0600 |
|---|---|---|
| committer | Eric W. Biederman <ebiederm@xmission.com> | 2020-03-02 16:00:33 -0600 |
| commit | a0d4a141750df51135499f96c355c4d76add5505 (patch) | |
| tree | ca1a72db5f1bb4725807c466fc4ef4914201f3db /include/linux | |
| parent | a13ae6971599dd01a5fa8da9ee1bd5bb3efa01b3 (diff) | |
| parent | af9fe6d607c9f456fb6c1cb87e1dc66a43846efd (diff) | |
Proc mount option handling is broken, and it has been since I
accidentally broke it in the middle 2016.
The problem is that because we perform an internal mount of proc
before user space mounts proc all of the mount options that user
specifies when mounting proc are ignored.
You can set those mount options with a remount but that is rather
surprising.
This most directly affects android which is using hidpid=2 by default.
Now that the sysctl system call support has been removed, and we have
settled on way of flushing proc dentries when a process exits without
using proc_mnt, there is an simple and easy fix.
a) Give UML mconsole it's own private mount of proc to use.
b) Stop creating the internal mount of proc
We still need Alexey Gladkov's full patch to get proc mount options to
work inside of UML, and to be generally useful. This set of changes
is just enough to get them working as well as they have in the past.
If anyone sees any problem with this code please let me know.
Otherwise I plan to merge these set of fixes through my tree.
Link: https://lore.kernel.org/lkml/87r21tuulj.fsf@x220.int.ebiederm.org/
Link: https://lore.kernel.org/lkml/871rqk2brn.fsf_-_@x220.int.ebiederm.org/
Link: https://lore.kernel.org/lkml/20200210150519.538333-1-gladkov.alexey@gmail.com/
Link: https://lore.kernel.org/lkml/20180611195744.154962-1-astrachan@google.com/
Fixes: e94591d0d90c ("proc: Convert proc_mount to use mount_ns.")
Eric W. Biederman (4):
uml: Don't consult current to find the proc_mnt in mconsole_proc
uml: Create a private mount of proc for mconsole
proc: Remove the now unnecessary internal mount of proc
pid: Improve the comment about waiting in zap_pid_ns_processes
arch/um/drivers/mconsole_kern.c | 28 +++++++++++++++++++++++++++-
fs/proc/root.c | 36 ------------------------------------
include/linux/pid_namespace.h | 2 --
include/linux/proc_ns.h | 5 -----
kernel/pid.c | 8 --------
kernel/pid_namespace.c | 38 +++++++++++++++++++-------------------
6 files changed, 46 insertions(+), 71 deletions(-)
Diffstat (limited to 'include/linux')
| -rw-r--r-- | include/linux/pid_namespace.h | 2 | ||||
| -rw-r--r-- | include/linux/proc_ns.h | 5 |
2 files changed, 0 insertions, 7 deletions
diff --git a/include/linux/pid_namespace.h b/include/linux/pid_namespace.h index 2ed6af88794b..4956e362e55e 100644 --- a/include/linux/pid_namespace.h +++ b/include/linux/pid_namespace.h @@ -33,7 +33,6 @@ struct pid_namespace { unsigned int level; struct pid_namespace *parent; #ifdef CONFIG_PROC_FS - struct vfsmount *proc_mnt; struct dentry *proc_self; struct dentry *proc_thread_self; #endif @@ -42,7 +41,6 @@ struct pid_namespace { #endif struct user_namespace *user_ns; struct ucounts *ucounts; - struct work_struct proc_work; kgid_t pid_gid; int hide_pid; int reboot; /* group exit code if this pidns was rebooted */ diff --git a/include/linux/proc_ns.h b/include/linux/proc_ns.h index 4626b1ac3b6c..e1106a077c1a 100644 --- a/include/linux/proc_ns.h +++ b/include/linux/proc_ns.h @@ -50,16 +50,11 @@ enum { #ifdef CONFIG_PROC_FS -extern int pid_ns_prepare_proc(struct pid_namespace *ns); -extern void pid_ns_release_proc(struct pid_namespace *ns); extern int proc_alloc_inum(unsigned int *pino); extern void proc_free_inum(unsigned int inum); #else /* CONFIG_PROC_FS */ -static inline int pid_ns_prepare_proc(struct pid_namespace *ns) { return 0; } -static inline void pid_ns_release_proc(struct pid_namespace *ns) {} - static inline int proc_alloc_inum(unsigned int *inum) { *inum = 1; |