| Message ID | 3020418a466bc3f4e90413c3c98c29a1a93fd59f.1623282854.git.repnop@google.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | Add pidfd support to the fanotify API | expand |
On Thu, Jun 10, 2021 at 10:20:43AM +1000, Matthew Bobrowski wrote: > By adding the pidfd_create() declaration to linux/pid.h, we > effectively expose this function to the rest of the kernel. In order > to avoid any unintended behaviour, or set false expectations upon this > function, ensure that constraints are forced upon each of the passed > parameters. This includes the checking of whether the passed struct > pid is a thread-group leader as pidfd creation is currently limited to > such pid types. > > Signed-off-by: Matthew Bobrowski <repnop@google.com> > --- Looks good, Acked-by: Christian Brauner <christian.brauner@ubuntu.com>
diff --git a/kernel/pid.c b/kernel/pid.c index d3cd95b8b080..efe87db44683 100644 --- a/kernel/pid.c +++ b/kernel/pid.c @@ -559,6 +559,12 @@ int pidfd_create(struct pid *pid, unsigned int flags) { int fd; + if (!pid || !pid_has_task(pid, PIDTYPE_TGID)) + return -EINVAL; + + if (flags & ~(O_NONBLOCK | O_RDWR | O_CLOEXEC)) + return -EINVAL; + fd = anon_inode_getfd("[pidfd]", &pidfd_fops, get_pid(pid), flags | O_RDWR | O_CLOEXEC); if (fd < 0) @@ -598,10 +604,7 @@ SYSCALL_DEFINE2(pidfd_open, pid_t, pid, unsigned int, flags) if (!p) return -ESRCH; - if (pid_has_task(p, PIDTYPE_TGID)) - fd = pidfd_create(p, flags); - else - fd = -EINVAL; + fd = pidfd_create(p, flags); put_pid(p); return fd;
By adding the pidfd_create() declaration to linux/pid.h, we effectively expose this function to the rest of the kernel. In order to avoid any unintended behaviour, or set false expectations upon this function, ensure that constraints are forced upon each of the passed parameters. This includes the checking of whether the passed struct pid is a thread-group leader as pidfd creation is currently limited to such pid types. Signed-off-by: Matthew Bobrowski <repnop@google.com> --- kernel/pid.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-)