Received: by 2002:a05:6a10:8c0a:0:0:0:0 with SMTP id go10csp1211679pxb;
        Thu, 28 Jan 2021 10:31:12 -0800 (PST)
X-Google-Smtp-Source: ABdhPJwAEwTOYBBr3LCmAfuoyk53ajjrUhpbNy6rdwwNWdWAKqadcH0qGh4rpvQWcu04SuLf9knq
X-Received: by 2002:a17:906:e958:: with SMTP id jw24mr787365ejb.208.1611858672394;
        Thu, 28 Jan 2021 10:31:12 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1611858672; cv=none;
        d=google.com; s=arc-20160816;
        b=0dpgOcbOmU2eTiaLYT7rlCTYSW0hXZZsKsaenZLcBxUS+fsMRHr3Ejn7QsJ+1y+c5P
         OUw2MGCmJ2rw9eWk2yRwkpbuYim9ifjw93K5262OQo8S2U+Ec75XIXoPCSMGneMD0aVW
         +E5c/rFns8CsLh8PeJ4sH85fzpIO1KQwGzxIpzJpnMkqG0SxjynICYf6biazwjwebpAH
         6cgvGZaMZxWtuaOjvtYxbDoXiyTsR+bDf9K2zyuQCWKjIry574O/OgvRu9etzkf+Oq8K
         o9b6+spV2mIsElZjSP9QXgUYgMxSmiJQRhWrR2fkcwhL72BU8Dx0kVQ0tc/j/SIFXD0R
         cJaQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:to:cc:from:subject:references:mime-version
         :message-id:in-reply-to:date:sender:dkim-signature;
        bh=yOsjKHLvnoq+T0cRgk6WnsccWWwkkwI2XrElOZ44a4s=;
        b=YQ6pVYBsD7oOZmUVEsjEN2j3ZGTQzNqBKMv/IQYHyxDrKpToLj6yAZY/Og7PibP7WK
         Z/DRNW+Muh2SYcqPhGjWp0wxWbhzCxP3RxX+GJwrTpbyW4RrIDJkdJOO6JXA3Fwb15D/
         6FXv8Ftg9qcFnMgZZqYW33bjxeLKAGM0nlRt/xw6Jmq5BV094eRdEyAQtoCmf3NEBh38
         StPTXIcLQsB1E6dfKJNgCzZqQjyhW0kbH5ZhPepx1IXJLdFDy6LZts/20yZlWF8mZqnz
         zPcjcxC4plX8ClH26iAhj5pa+6zfV82ATfaC6RWVj1NRMQYKJUH4LobSzVXdbAJEvTZG
         VjKw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@google.com header.s=20161025 header.b=porQePtn;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id y18si3502810edv.524.2021.01.28.10.30.46;
        Thu, 28 Jan 2021 10:31:12 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@google.com header.s=20161025 header.b=porQePtn;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S232137AbhA1S32 (ORCPT <rfc822;lizhiguo.at@gmail.com>
        + 99 others); Thu, 28 Jan 2021 13:29:28 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37332 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S231459AbhA1SZb (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 28 Jan 2021 13:25:31 -0500
Received: from mail-qt1-x849.google.com (mail-qt1-x849.google.com [IPv6:2607:f8b0:4864:20::849])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C6670C0617AA
        for <linux-kernel@vger.kernel.org>; Thu, 28 Jan 2021 10:24:50 -0800 (PST)
Received: by mail-qt1-x849.google.com with SMTP id v65so1741763qtd.0
        for <linux-kernel@vger.kernel.org>; Thu, 28 Jan 2021 10:24:50 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20161025;
        h=sender:date:in-reply-to:message-id:mime-version:references:subject
         :from:cc;
        bh=yOsjKHLvnoq+T0cRgk6WnsccWWwkkwI2XrElOZ44a4s=;
        b=porQePtnzfaEEOFsSWi2N2ISTIxiVLsHWVuQ63fqGEGA+01eiKaMdEzeylpiGe4p6i
         AK3w2P3xD/FyRZGEot7fbNIrSpjVoIYH8b6DGUS0q2sXMYtiHpfiX7Pp/08PJKrjqCmG
         ZuTbXEOQKpvH1AYzZ10NrY35qtXfgoznu0TWUuYxV2+qZOHNX/rwuqxCHtS8BhEPZov0
         fDuNT3zQ6V+wou8nA6YpLc8w21UAFv+uS8yxv0eggIuX6oldWtEdX4Sj+cneVY9vTNBt
         GKzWjhJlsC9KiqYvBQZ0/YVEbF1zU8W3miC+jzZh6vvqB8pb8BNAjCtcnf4fODvNNvvp
         oMFg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:sender:date:in-reply-to:message-id:mime-version
         :references:subject:from:cc;
        bh=yOsjKHLvnoq+T0cRgk6WnsccWWwkkwI2XrElOZ44a4s=;
        b=HAf9KLjLj6P9Cn3PGB4x9T6GxprfRLrgGayDRl2Q1xzGTt1pVIcHlruO358SJpnCct
         a7tC3zw9VvKADSfbE+DzMbBmc6VajaJjOBKTNFMxGTsTYrVJ6yWbKXeX19WlSmdz9Rbf
         Bazq4gWZ6znW+fqGqMdZ9zN6B9a2Mnn6eRT+0kPjPxzgpvf8NoEXMsZCwUHr+xvITJXq
         UclH1SH2eKfe3T8E7HCu3Z1R5a1+JZXrC8ddsKIoxnPyCrtqlOnbE0hkRvKJk/1XG7zD
         3sE++IITny/st6Jvjsr0gjr2rguAGQGdHcRmG8B9zRuC6CbM941o4+CYraubnukdH+U5
         4j1g==
X-Gm-Message-State: AOAM532fntwspSs/Il0+0aJK6jbO4jEmiM4muDi44NduLq/ppz26PNpI
        0NA3XryubTENTMDqLAKq2TgqRFX2DpDzCepVJA==
Sender: "kaleshsingh via sendgmr" <kaleshsingh@kaleshsingh.c.googlers.com>
X-Received: from kaleshsingh.c.googlers.com ([fda3:e722:ac3:10:14:4d90:c0a8:2145])
 (user=kaleshsingh job=sendgmr) by 2002:a05:6214:148a:: with SMTP id
 bn10mr826173qvb.52.1611858289928; Thu, 28 Jan 2021 10:24:49 -0800 (PST)
Date:   Thu, 28 Jan 2021 18:24:30 +0000
In-Reply-To: <20210128182432.2216573-1-kaleshsingh@google.com>
Message-Id: <20210128182432.2216573-2-kaleshsingh@google.com>
Mime-Version: 1.0
References: <20210128182432.2216573-1-kaleshsingh@google.com>
X-Mailer: git-send-email 2.30.0.280.ga3ce27912f-goog
Subject: [PATCH 1/2] procfs: Allow reading fdinfo with PTRACE_MODE_READ
From:   Kalesh Singh <kaleshsingh@google.com>
Cc:     jannh@google.com, jeffv@google.com, keescook@chromium.org,
        surenb@google.com, minchan@kernel.org, hridya@google.com,
        kernel-team@android.com, Kalesh Singh <kaleshsingh@google.com>,
        Sumit Semwal <sumit.semwal@linaro.org>,
        "=?UTF-8?q?Christian=20K=C3=B6nig?=" <christian.koenig@amd.com>,
        Alexey Dobriyan <adobriyan@gmail.com>,
        "Eric W. Biederman" <ebiederm@xmission.com>,
        Andrew Morton <akpm@linux-foundation.org>,
        Alexey Gladkov <gladkov.alexey@gmail.com>,
        Michel Lespinasse <walken@google.com>,
        Bernd Edlinger <bernd.edlinger@hotmail.de>,
        Andrei Vagin <avagin@gmail.com>,
        Yafang Shao <laoar.shao@gmail.com>,
        Christian Brauner <christian.brauner@ubuntu.com>,
        linux-media@vger.kernel.org, dri-devel@lists.freedesktop.org,
        linaro-mm-sig@lists.linaro.org, linux-kernel@vger.kernel.org,
        linux-fsdevel@vger.kernel.org
Content-Type: text/plain; charset="UTF-8"
To:     unlisted-recipients:; (no To-header on input)
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Since fdinfo doesn't permit reading process memory and manipulating
process state, allow accessing fdinfo under PTRACE_MODE_READ_FSCRED.

Suggested-by: Jann Horn <jannh@google.com>
Signed-off-by: Kalesh Singh <kaleshsingh@google.com>
---
 fs/proc/base.c |  4 ++--
 fs/proc/fd.c   | 15 ++++++++++++++-
 2 files changed, 16 insertions(+), 3 deletions(-)

diff --git a/fs/proc/base.c b/fs/proc/base.c
index b3422cda2a91..a37f9de7103f 100644
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -3160,7 +3160,7 @@ static const struct pid_entry tgid_base_stuff[] = {
 	DIR("task",       S_IRUGO|S_IXUGO, proc_task_inode_operations, proc_task_operations),
 	DIR("fd",         S_IRUSR|S_IXUSR, proc_fd_inode_operations, proc_fd_operations),
 	DIR("map_files",  S_IRUSR|S_IXUSR, proc_map_files_inode_operations, proc_map_files_operations),
-	DIR("fdinfo",     S_IRUSR|S_IXUSR, proc_fdinfo_inode_operations, proc_fdinfo_operations),
+	DIR("fdinfo",     S_IRUGO|S_IXUGO, proc_fdinfo_inode_operations, proc_fdinfo_operations),
 	DIR("ns",	  S_IRUSR|S_IXUGO, proc_ns_dir_inode_operations, proc_ns_dir_operations),
 #ifdef CONFIG_NET
 	DIR("net",        S_IRUGO|S_IXUGO, proc_net_inode_operations, proc_net_operations),
@@ -3504,7 +3504,7 @@ static const struct inode_operations proc_tid_comm_inode_operations = {
  */
 static const struct pid_entry tid_base_stuff[] = {
 	DIR("fd",        S_IRUSR|S_IXUSR, proc_fd_inode_operations, proc_fd_operations),
-	DIR("fdinfo",    S_IRUSR|S_IXUSR, proc_fdinfo_inode_operations, proc_fdinfo_operations),
+	DIR("fdinfo",    S_IRUGO|S_IXUGO, proc_fdinfo_inode_operations, proc_fdinfo_operations),
 	DIR("ns",	 S_IRUSR|S_IXUGO, proc_ns_dir_inode_operations, proc_ns_dir_operations),
 #ifdef CONFIG_NET
 	DIR("net",        S_IRUGO|S_IXUGO, proc_net_inode_operations, proc_net_operations),
diff --git a/fs/proc/fd.c b/fs/proc/fd.c
index cb51763ed554..585e213301f9 100644
--- a/fs/proc/fd.c
+++ b/fs/proc/fd.c
@@ -6,6 +6,7 @@
 #include <linux/fdtable.h>
 #include <linux/namei.h>
 #include <linux/pid.h>
+#include <linux/ptrace.h>
 #include <linux/security.h>
 #include <linux/file.h>
 #include <linux/seq_file.h>
@@ -72,6 +73,18 @@ static int seq_show(struct seq_file *m, void *v)
 
 static int seq_fdinfo_open(struct inode *inode, struct file *file)
 {
+	bool allowed = false;
+	struct task_struct *task = get_proc_task(inode);
+
+	if (!task)
+		return -ESRCH;
+
+	allowed = ptrace_may_access(task, PTRACE_MODE_READ_FSCREDS);
+	put_task_struct(task);
+
+	if (!allowed)
+		return -EACCES;
+
 	return single_open(file, seq_show, inode);
 }
 
@@ -307,7 +320,7 @@ static struct dentry *proc_fdinfo_instantiate(struct dentry *dentry,
 	struct proc_inode *ei;
 	struct inode *inode;
 
-	inode = proc_pid_make_inode(dentry->d_sb, task, S_IFREG | S_IRUSR);
+	inode = proc_pid_make_inode(dentry->d_sb, task, S_IFREG | S_IRUGO);
 	if (!inode)
 		return ERR_PTR(-ENOENT);
 
-- 
2.30.0.365.g02bc693789-goog