proc: block mounting on top of /proc/<pid>/fdinfo/*

brauner · brauner · commit cf71eaa1ad18 · 2024-08-30T08:22:13.000+02:00
Entries under /proc/<pid>/fdinfo/* are ephemeral and may go away before the process dies. As such allowing them to be used as mount points creates the ability to leak mounts that linger until the process dies with no ability to unmount them until then. Don't allow using them as mountpoints. Link: https://lore.kernel.org/r/20240806-work-procfs-v1-6-fb04e1d09f0c@kernel.org Reviewed-by: Josef Bacik <josef@toxicpanda.com> Signed-off-by: Christian Brauner <brauner@kernel.org>
diff --git a/fs/proc/fd.c b/fs/proc/fd.c
@@ -397,8 +397,8 @@ static struct dentry *proc_fdinfo_instantiate(struct dentry *dentry,
 	inode->i_fop = &proc_fdinfo_file_operations;
 	tid_fd_update_inode(task, inode, 0);
 
-	d_set_d_op(dentry, &tid_fd_dentry_operations);
-	return d_splice_alias(inode, dentry);
+	return proc_splice_unmountable(inode, dentry,
+				       &tid_fd_dentry_operations);
 }
 
 static struct dentry *

Original file line number	Diff line number	Diff line change
`@@ -397,8 +397,8 @@ static struct dentry proc_fdinfo_instantiate(struct dentry dentry,`
`397`	`397`	`inode->i_fop = &proc_fdinfo_file_operations;`
`398`	`398`	`tid_fd_update_inode(task, inode, 0);`
`399`	`399`
`400`		`- d_set_d_op(dentry, &tid_fd_dentry_operations);`
`401`		`- return d_splice_alias(inode, dentry);`
	`400`	`+ return proc_splice_unmountable(inode, dentry,`
	`401`	`+ &tid_fd_dentry_operations);`
`402`	`402`	`}`
`403`	`403`
`404`	`404`	`static struct dentry *`