0001
0002 #include <linux/sched/signal.h>
0003 #include <linux/errno.h>
0004 #include <linux/dcache.h>
0005 #include <linux/path.h>
0006 #include <linux/fdtable.h>
0007 #include <linux/namei.h>
0008 #include <linux/pid.h>
0009 #include <linux/ptrace.h>
0010 #include <linux/security.h>
0011 #include <linux/file.h>
0012 #include <linux/seq_file.h>
0013 #include <linux/fs.h>
0014
0015 #include <linux/proc_fs.h>
0016
0017 #include "../mount.h"
0018 #include "internal.h"
0019 #include "fd.h"
0020
0021 static int seq_show(struct seq_file *m, void *v)
0022 {
0023 struct files_struct *files = NULL;
0024 int f_flags = 0, ret = -ENOENT;
0025 struct file *file = NULL;
0026 struct task_struct *task;
0027
0028 task = get_proc_task(m->private);
0029 if (!task)
0030 return -ENOENT;
0031
0032 task_lock(task);
0033 files = task->files;
0034 if (files) {
0035 unsigned int fd = proc_fd(m->private);
0036
0037 spin_lock(&files->file_lock);
0038 file = files_lookup_fd_locked(files, fd);
0039 if (file) {
0040 struct fdtable *fdt = files_fdtable(files);
0041
0042 f_flags = file->f_flags;
0043 if (close_on_exec(fd, fdt))
0044 f_flags |= O_CLOEXEC;
0045
0046 get_file(file);
0047 ret = 0;
0048 }
0049 spin_unlock(&files->file_lock);
0050 }
0051 task_unlock(task);
0052 put_task_struct(task);
0053
0054 if (ret)
0055 return ret;
0056
0057 seq_printf(m, "pos:\t%lli\nflags:\t0%o\nmnt_id:\t%i\nino:\t%lu\n",
0058 (long long)file->f_pos, f_flags,
0059 real_mount(file->f_path.mnt)->mnt_id,
0060 file_inode(file)->i_ino);
0061
0062
0063 show_fd_locks(m, file, files);
0064 if (seq_has_overflowed(m))
0065 goto out;
0066
0067 if (file->f_op->show_fdinfo)
0068 file->f_op->show_fdinfo(m, file);
0069
0070 out:
0071 fput(file);
0072 return 0;
0073 }
0074
0075 static int proc_fdinfo_access_allowed(struct inode *inode)
0076 {
0077 bool allowed = false;
0078 struct task_struct *task = get_proc_task(inode);
0079
0080 if (!task)
0081 return -ESRCH;
0082
0083 allowed = ptrace_may_access(task, PTRACE_MODE_READ_FSCREDS);
0084 put_task_struct(task);
0085
0086 if (!allowed)
0087 return -EACCES;
0088
0089 return 0;
0090 }
0091
0092 static int seq_fdinfo_open(struct inode *inode, struct file *file)
0093 {
0094 int ret = proc_fdinfo_access_allowed(inode);
0095
0096 if (ret)
0097 return ret;
0098
0099 return single_open(file, seq_show, inode);
0100 }
0101
0102 static const struct file_operations proc_fdinfo_file_operations = {
0103 .open = seq_fdinfo_open,
0104 .read = seq_read,
0105 .llseek = seq_lseek,
0106 .release = single_release,
0107 };
0108
0109 static bool tid_fd_mode(struct task_struct *task, unsigned fd, fmode_t *mode)
0110 {
0111 struct file *file;
0112
0113 rcu_read_lock();
0114 file = task_lookup_fd_rcu(task, fd);
0115 if (file)
0116 *mode = file->f_mode;
0117 rcu_read_unlock();
0118 return !!file;
0119 }
0120
0121 static void tid_fd_update_inode(struct task_struct *task, struct inode *inode,
0122 fmode_t f_mode)
0123 {
0124 task_dump_owner(task, 0, &inode->i_uid, &inode->i_gid);
0125
0126 if (S_ISLNK(inode->i_mode)) {
0127 unsigned i_mode = S_IFLNK;
0128 if (f_mode & FMODE_READ)
0129 i_mode |= S_IRUSR | S_IXUSR;
0130 if (f_mode & FMODE_WRITE)
0131 i_mode |= S_IWUSR | S_IXUSR;
0132 inode->i_mode = i_mode;
0133 }
0134 security_task_to_inode(task, inode);
0135 }
0136
0137 static int tid_fd_revalidate(struct dentry *dentry, unsigned int flags)
0138 {
0139 struct task_struct *task;
0140 struct inode *inode;
0141 unsigned int fd;
0142
0143 if (flags & LOOKUP_RCU)
0144 return -ECHILD;
0145
0146 inode = d_inode(dentry);
0147 task = get_proc_task(inode);
0148 fd = proc_fd(inode);
0149
0150 if (task) {
0151 fmode_t f_mode;
0152 if (tid_fd_mode(task, fd, &f_mode)) {
0153 tid_fd_update_inode(task, inode, f_mode);
0154 put_task_struct(task);
0155 return 1;
0156 }
0157 put_task_struct(task);
0158 }
0159 return 0;
0160 }
0161
0162 static const struct dentry_operations tid_fd_dentry_operations = {
0163 .d_revalidate = tid_fd_revalidate,
0164 .d_delete = pid_delete_dentry,
0165 };
0166
0167 static int proc_fd_link(struct dentry *dentry, struct path *path)
0168 {
0169 struct task_struct *task;
0170 int ret = -ENOENT;
0171
0172 task = get_proc_task(d_inode(dentry));
0173 if (task) {
0174 unsigned int fd = proc_fd(d_inode(dentry));
0175 struct file *fd_file;
0176
0177 fd_file = fget_task(task, fd);
0178 if (fd_file) {
0179 *path = fd_file->f_path;
0180 path_get(&fd_file->f_path);
0181 ret = 0;
0182 fput(fd_file);
0183 }
0184 put_task_struct(task);
0185 }
0186
0187 return ret;
0188 }
0189
0190 struct fd_data {
0191 fmode_t mode;
0192 unsigned fd;
0193 };
0194
0195 static struct dentry *proc_fd_instantiate(struct dentry *dentry,
0196 struct task_struct *task, const void *ptr)
0197 {
0198 const struct fd_data *data = ptr;
0199 struct proc_inode *ei;
0200 struct inode *inode;
0201
0202 inode = proc_pid_make_inode(dentry->d_sb, task, S_IFLNK);
0203 if (!inode)
0204 return ERR_PTR(-ENOENT);
0205
0206 ei = PROC_I(inode);
0207 ei->fd = data->fd;
0208
0209 inode->i_op = &proc_pid_link_inode_operations;
0210 inode->i_size = 64;
0211
0212 ei->op.proc_get_link = proc_fd_link;
0213 tid_fd_update_inode(task, inode, data->mode);
0214
0215 d_set_d_op(dentry, &tid_fd_dentry_operations);
0216 return d_splice_alias(inode, dentry);
0217 }
0218
0219 static struct dentry *proc_lookupfd_common(struct inode *dir,
0220 struct dentry *dentry,
0221 instantiate_t instantiate)
0222 {
0223 struct task_struct *task = get_proc_task(dir);
0224 struct fd_data data = {.fd = name_to_int(&dentry->d_name)};
0225 struct dentry *result = ERR_PTR(-ENOENT);
0226
0227 if (!task)
0228 goto out_no_task;
0229 if (data.fd == ~0U)
0230 goto out;
0231 if (!tid_fd_mode(task, data.fd, &data.mode))
0232 goto out;
0233
0234 result = instantiate(dentry, task, &data);
0235 out:
0236 put_task_struct(task);
0237 out_no_task:
0238 return result;
0239 }
0240
0241 static int proc_readfd_common(struct file *file, struct dir_context *ctx,
0242 instantiate_t instantiate)
0243 {
0244 struct task_struct *p = get_proc_task(file_inode(file));
0245 unsigned int fd;
0246
0247 if (!p)
0248 return -ENOENT;
0249
0250 if (!dir_emit_dots(file, ctx))
0251 goto out;
0252
0253 rcu_read_lock();
0254 for (fd = ctx->pos - 2;; fd++) {
0255 struct file *f;
0256 struct fd_data data;
0257 char name[10 + 1];
0258 unsigned int len;
0259
0260 f = task_lookup_next_fd_rcu(p, &fd);
0261 ctx->pos = fd + 2LL;
0262 if (!f)
0263 break;
0264 data.mode = f->f_mode;
0265 rcu_read_unlock();
0266 data.fd = fd;
0267
0268 len = snprintf(name, sizeof(name), "%u", fd);
0269 if (!proc_fill_cache(file, ctx,
0270 name, len, instantiate, p,
0271 &data))
0272 goto out;
0273 cond_resched();
0274 rcu_read_lock();
0275 }
0276 rcu_read_unlock();
0277 out:
0278 put_task_struct(p);
0279 return 0;
0280 }
0281
0282 static int proc_readfd(struct file *file, struct dir_context *ctx)
0283 {
0284 return proc_readfd_common(file, ctx, proc_fd_instantiate);
0285 }
0286
0287 const struct file_operations proc_fd_operations = {
0288 .read = generic_read_dir,
0289 .iterate_shared = proc_readfd,
0290 .llseek = generic_file_llseek,
0291 };
0292
0293 static struct dentry *proc_lookupfd(struct inode *dir, struct dentry *dentry,
0294 unsigned int flags)
0295 {
0296 return proc_lookupfd_common(dir, dentry, proc_fd_instantiate);
0297 }
0298
0299
0300
0301
0302
0303 int proc_fd_permission(struct user_namespace *mnt_userns,
0304 struct inode *inode, int mask)
0305 {
0306 struct task_struct *p;
0307 int rv;
0308
0309 rv = generic_permission(&init_user_ns, inode, mask);
0310 if (rv == 0)
0311 return rv;
0312
0313 rcu_read_lock();
0314 p = pid_task(proc_pid(inode), PIDTYPE_PID);
0315 if (p && same_thread_group(p, current))
0316 rv = 0;
0317 rcu_read_unlock();
0318
0319 return rv;
0320 }
0321
0322 const struct inode_operations proc_fd_inode_operations = {
0323 .lookup = proc_lookupfd,
0324 .permission = proc_fd_permission,
0325 .setattr = proc_setattr,
0326 };
0327
0328 static struct dentry *proc_fdinfo_instantiate(struct dentry *dentry,
0329 struct task_struct *task, const void *ptr)
0330 {
0331 const struct fd_data *data = ptr;
0332 struct proc_inode *ei;
0333 struct inode *inode;
0334
0335 inode = proc_pid_make_inode(dentry->d_sb, task, S_IFREG | S_IRUGO);
0336 if (!inode)
0337 return ERR_PTR(-ENOENT);
0338
0339 ei = PROC_I(inode);
0340 ei->fd = data->fd;
0341
0342 inode->i_fop = &proc_fdinfo_file_operations;
0343 tid_fd_update_inode(task, inode, 0);
0344
0345 d_set_d_op(dentry, &tid_fd_dentry_operations);
0346 return d_splice_alias(inode, dentry);
0347 }
0348
0349 static struct dentry *
0350 proc_lookupfdinfo(struct inode *dir, struct dentry *dentry, unsigned int flags)
0351 {
0352 return proc_lookupfd_common(dir, dentry, proc_fdinfo_instantiate);
0353 }
0354
0355 static int proc_readfdinfo(struct file *file, struct dir_context *ctx)
0356 {
0357 return proc_readfd_common(file, ctx,
0358 proc_fdinfo_instantiate);
0359 }
0360
0361 static int proc_open_fdinfo(struct inode *inode, struct file *file)
0362 {
0363 int ret = proc_fdinfo_access_allowed(inode);
0364
0365 if (ret)
0366 return ret;
0367
0368 return 0;
0369 }
0370
0371 const struct inode_operations proc_fdinfo_inode_operations = {
0372 .lookup = proc_lookupfdinfo,
0373 .setattr = proc_setattr,
0374 };
0375
0376 const struct file_operations proc_fdinfo_operations = {
0377 .open = proc_open_fdinfo,
0378 .read = generic_read_dir,
0379 .iterate_shared = proc_readfdinfo,
0380 .llseek = generic_file_llseek,
0381 };
