[PATCH 07/23] proc: Remove bogus proc_task_permission.

From: ebiederm@xmission.com (Eric W. Biederman)
To: Andrew Morton <akpm@osdl.org>
Cc: <linux-kernel@vger.kernel.org>
Subject: [PATCH 07/23] proc: Remove bogus proc_task_permission.
Date: Thu, 23 Feb 2006 09:05:35 -0700	[thread overview]
Message-ID: <m1pslegiwg.fsf_-_@ebiederm.dsl.xmission.com> (raw)
In-Reply-To: <m1u0aqgiyv.fsf_-_@ebiederm.dsl.xmission.com> (Eric W. Biederman's message of "Thu, 23 Feb 2006 09:04:08 -0700")


First we can access every /proc/<tgid>/task/<pid> directory as
/proc/<pid> so proc_task_permission is not usefully limiting
visibility.

Second having related filesystems information should have nothing to
do with process visibility.  kill does not implement any checks
like that.

It looks like proc_task_permission was added when the /proc/<tgid>/task
directories were added and someone misunderstood what proc_permission
was trying to accomplish.

Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>


---

 fs/proc/base.c |   63 --------------------------------------------------------
 1 files changed, 0 insertions(+), 63 deletions(-)

e1ab81806f60fd8ccda2773f9cdadd05990b5e81

diff --git a/fs/proc/base.c b/fs/proc/base.c
index 8357c52..8b938ef 100644
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -350,54 +350,6 @@ static int proc_root_link(struct inode *
 	return result;
 }
 
-
-/* Same as proc_root_link, but this addionally tries to get fs from other
- * threads in the group */
-static int proc_task_root_link(struct inode *inode, struct dentry **dentry,
-				struct vfsmount **mnt)
-{
-	struct fs_struct *fs;
-	int result = -ENOENT;
-	struct task_struct *leader = proc_task(inode);
-
-	task_lock(leader);
-	fs = leader->fs;
-	if (fs) {
-		atomic_inc(&fs->count);
-		task_unlock(leader);
-	} else {
-		/* Try to get fs from other threads */
-		task_unlock(leader);
-		read_lock(&tasklist_lock);
-		if (pid_alive(leader)) {
-			struct task_struct *task = leader;
-
-			while ((task = next_thread(task)) != leader) {
-				task_lock(task);
-				fs = task->fs;
-				if (fs) {
-					atomic_inc(&fs->count);
-					task_unlock(task);
-					break;
-				}
-				task_unlock(task);
-			}
-		}
-		read_unlock(&tasklist_lock);
-	}
-
-	if (fs) {
-		read_lock(&fs->lock);
-		*mnt = mntget(fs->rootmnt);
-		*dentry = dget(fs->root);
-		read_unlock(&fs->lock);
-		result = 0;
-		put_fs_struct(fs);
-	}
-	return result;
-}
-
-
 #define MAY_PTRACE(task) \
 	(task == current || \
 	(task->parent == current && \
@@ -586,20 +538,6 @@ static int proc_permission(struct inode 
 	return proc_check_root(inode);
 }
 
-static int proc_task_permission(struct inode *inode, int mask, struct nameidata *nd)
-{
-	struct dentry *root;
-	struct vfsmount *vfsmnt;
-
-	if (generic_permission(inode, mask, NULL) != 0)
-		return -EACCES;
-
-	if (proc_task_root_link(inode, &root, &vfsmnt))
-		return -ENOENT;
-
-	return proc_check_chroot(root, vfsmnt);
-}
-
 extern struct seq_operations proc_pid_maps_op;
 static int maps_open(struct inode *inode, struct file *file)
 {
@@ -1531,7 +1469,6 @@ static struct inode_operations proc_fd_i
 
 static struct inode_operations proc_task_inode_operations = {
 	.lookup		= proc_task_lookup,
-	.permission	= proc_task_permission,
 };
 
 #ifdef CONFIG_SECURITY
-- 
1.2.2.g709a

