xref: /openbmc/linux/fs/proc/fd.c (revision 7b145802) 
1 // SPDX-License-Identifier: GPL-2.0
2 #include <linux/sched/signal.h>
3 #include <linux/errno.h>
4 #include <linux/dcache.h>
5 #include <linux/path.h>
6 #include <linux/fdtable.h>
7 #include <linux/namei.h>
8 #include <linux/pid.h>
9 #include <linux/ptrace.h>
10 #include <linux/security.h>
11 #include <linux/file.h>
12 #include <linux/seq_file.h>
13 #include <linux/fs.h>
14 
15 #include <linux/proc_fs.h>
16 
17 #include "../mount.h"
18 #include "internal.h"
19 #include "fd.h"
20 
21 static int seq_show(struct seq_file *m, void *v)
22 {
23 	struct files_struct *files = NULL;
24 	int f_flags = 0, ret = -ENOENT;
25 	struct file *file = NULL;
26 	struct task_struct *task;
27 
28 	task = get_proc_task(m->private);
29 	if (!task)
30 		return -ENOENT;
31 
32 	task_lock(task);
33 	files = task->files;
34 	if (files) {
35 		unsigned int fd = proc_fd(m->private);
36 
37 		spin_lock(&files->file_lock);
38 		file = files_lookup_fd_locked(files, fd);
39 		if (file) {
40 			struct fdtable *fdt = files_fdtable(files);
41 
42 			f_flags = file->f_flags;
43 			if (close_on_exec(fd, fdt))
44 				f_flags |= O_CLOEXEC;
45 
46 			get_file(file);
47 			ret = 0;
48 		}
49 		spin_unlock(&files->file_lock);
50 	}
51 	task_unlock(task);
52 	put_task_struct(task);
53 
54 	if (ret)
55 		return ret;
56 
57 	seq_printf(m, "pos:\t%lli\nflags:\t0%o\nmnt_id:\t%i\nino:\t%lu\n",
58 		   (long long)file->f_pos, f_flags,
59 		   real_mount(file->f_path.mnt)->mnt_id,
60 		   file_inode(file)->i_ino);
61 
62 	/* show_fd_locks() never deferences files so a stale value is safe */
63 	show_fd_locks(m, file, files);
64 	if (seq_has_overflowed(m))
65 		goto out;
66 
67 	if (file->f_op->show_fdinfo)
68 		file->f_op->show_fdinfo(m, file);
69 
70 out:
71 	fput(file);
72 	return 0;
73 }
74 
75 static int seq_fdinfo_open(struct inode *inode, struct file *file)
76 {
77 	bool allowed = false;
78 	struct task_struct *task = get_proc_task(inode);
79 
80 	if (!task)
81 		return -ESRCH;
82 
83 	allowed = ptrace_may_access(task, PTRACE_MODE_READ_FSCREDS);
84 	put_task_struct(task);
85 
86 	if (!allowed)
87 		return -EACCES;
88 
89 	return single_open(file, seq_show, inode);
90 }
91 
92 static const struct file_operations proc_fdinfo_file_operations = {
93 	.open		= seq_fdinfo_open,
94 	.read		= seq_read,
95 	.llseek		= seq_lseek,
96 	.release	= single_release,
97 };
98 
99 static bool tid_fd_mode(struct task_struct *task, unsigned fd, fmode_t *mode)
100 {
101 	struct file *file;
102 
103 	rcu_read_lock();
104 	file = task_lookup_fd_rcu(task, fd);
105 	if (file)
106 		*mode = file->f_mode;
107 	rcu_read_unlock();
108 	return !!file;
109 }
110 
111 static void tid_fd_update_inode(struct task_struct *task, struct inode *inode,
112 				fmode_t f_mode)
113 {
114 	task_dump_owner(task, 0, &inode->i_uid, &inode->i_gid);
115 
116 	if (S_ISLNK(inode->i_mode)) {
117 		unsigned i_mode = S_IFLNK;
118 		if (f_mode & FMODE_READ)
119 			i_mode |= S_IRUSR | S_IXUSR;
120 		if (f_mode & FMODE_WRITE)
121 			i_mode |= S_IWUSR | S_IXUSR;
122 		inode->i_mode = i_mode;
123 	}
124 	security_task_to_inode(task, inode);
125 }
126 
127 static int tid_fd_revalidate(struct dentry *dentry, unsigned int flags)
128 {
129 	struct task_struct *task;
130 	struct inode *inode;
131 	unsigned int fd;
132 
133 	if (flags & LOOKUP_RCU)
134 		return -ECHILD;
135 
136 	inode = d_inode(dentry);
137 	task = get_proc_task(inode);
138 	fd = proc_fd(inode);
139 
140 	if (task) {
141 		fmode_t f_mode;
142 		if (tid_fd_mode(task, fd, &f_mode)) {
143 			tid_fd_update_inode(task, inode, f_mode);
144 			put_task_struct(task);
145 			return 1;
146 		}
147 		put_task_struct(task);
148 	}
149 	return 0;
150 }
151 
152 static const struct dentry_operations tid_fd_dentry_operations = {
153 	.d_revalidate	= tid_fd_revalidate,
154 	.d_delete	= pid_delete_dentry,
155 };
156 
157 static int proc_fd_link(struct dentry *dentry, struct path *path)
158 {
159 	struct task_struct *task;
160 	int ret = -ENOENT;
161 
162 	task = get_proc_task(d_inode(dentry));
163 	if (task) {
164 		unsigned int fd = proc_fd(d_inode(dentry));
165 		struct file *fd_file;
166 
167 		fd_file = fget_task(task, fd);
168 		if (fd_file) {
169 			*path = fd_file->f_path;
170 			path_get(&fd_file->f_path);
171 			ret = 0;
172 			fput(fd_file);
173 		}
174 		put_task_struct(task);
175 	}
176 
177 	return ret;
178 }
179 
180 struct fd_data {
181 	fmode_t mode;
182 	unsigned fd;
183 };
184 
185 static struct dentry *proc_fd_instantiate(struct dentry *dentry,
186 	struct task_struct *task, const void *ptr)
187 {
188 	const struct fd_data *data = ptr;
189 	struct proc_inode *ei;
190 	struct inode *inode;
191 
192 	inode = proc_pid_make_inode(dentry->d_sb, task, S_IFLNK);
193 	if (!inode)
194 		return ERR_PTR(-ENOENT);
195 
196 	ei = PROC_I(inode);
197 	ei->fd = data->fd;
198 
199 	inode->i_op = &proc_pid_link_inode_operations;
200 	inode->i_size = 64;
201 
202 	ei->op.proc_get_link = proc_fd_link;
203 	tid_fd_update_inode(task, inode, data->mode);
204 
205 	d_set_d_op(dentry, &tid_fd_dentry_operations);
206 	return d_splice_alias(inode, dentry);
207 }
208 
209 static struct dentry *proc_lookupfd_common(struct inode *dir,
210 					   struct dentry *dentry,
211 					   instantiate_t instantiate)
212 {
213 	struct task_struct *task = get_proc_task(dir);
214 	struct fd_data data = {.fd = name_to_int(&dentry->d_name)};
215 	struct dentry *result = ERR_PTR(-ENOENT);
216 
217 	if (!task)
218 		goto out_no_task;
219 	if (data.fd == ~0U)
220 		goto out;
221 	if (!tid_fd_mode(task, data.fd, &data.mode))
222 		goto out;
223 
224 	result = instantiate(dentry, task, &data);
225 out:
226 	put_task_struct(task);
227 out_no_task:
228 	return result;
229 }
230 
231 static int proc_readfd_common(struct file *file, struct dir_context *ctx,
232 			      instantiate_t instantiate)
233 {
234 	struct task_struct *p = get_proc_task(file_inode(file));
235 	unsigned int fd;
236 
237 	if (!p)
238 		return -ENOENT;
239 
240 	if (!dir_emit_dots(file, ctx))
241 		goto out;
242 
243 	rcu_read_lock();
244 	for (fd = ctx->pos - 2;; fd++) {
245 		struct file *f;
246 		struct fd_data data;
247 		char name[10 + 1];
248 		unsigned int len;
249 
250 		f = task_lookup_next_fd_rcu(p, &fd);
251 		ctx->pos = fd + 2LL;
252 		if (!f)
253 			break;
254 		data.mode = f->f_mode;
255 		rcu_read_unlock();
256 		data.fd = fd;
257 
258 		len = snprintf(name, sizeof(name), "%u", fd);
259 		if (!proc_fill_cache(file, ctx,
260 				     name, len, instantiate, p,
261 				     &data))
262 			goto out;
263 		cond_resched();
264 		rcu_read_lock();
265 	}
266 	rcu_read_unlock();
267 out:
268 	put_task_struct(p);
269 	return 0;
270 }
271 
272 static int proc_readfd(struct file *file, struct dir_context *ctx)
273 {
274 	return proc_readfd_common(file, ctx, proc_fd_instantiate);
275 }
276 
277 const struct file_operations proc_fd_operations = {
278 	.read		= generic_read_dir,
279 	.iterate_shared	= proc_readfd,
280 	.llseek		= generic_file_llseek,
281 };
282 
283 static struct dentry *proc_lookupfd(struct inode *dir, struct dentry *dentry,
284 				    unsigned int flags)
285 {
286 	return proc_lookupfd_common(dir, dentry, proc_fd_instantiate);
287 }
288 
289 /*
290  * /proc/pid/fd needs a special permission handler so that a process can still
291  * access /proc/self/fd after it has executed a setuid().
292  */
293 int proc_fd_permission(struct user_namespace *mnt_userns,
294 		       struct inode *inode, int mask)
295 {
296 	struct task_struct *p;
297 	int rv;
298 
299 	rv = generic_permission(&init_user_ns, inode, mask);
300 	if (rv == 0)
301 		return rv;
302 
303 	rcu_read_lock();
304 	p = pid_task(proc_pid(inode), PIDTYPE_PID);
305 	if (p && same_thread_group(p, current))
306 		rv = 0;
307 	rcu_read_unlock();
308 
309 	return rv;
310 }
311 
312 const struct inode_operations proc_fd_inode_operations = {
313 	.lookup		= proc_lookupfd,
314 	.permission	= proc_fd_permission,
315 	.setattr	= proc_setattr,
316 };
317 
318 static struct dentry *proc_fdinfo_instantiate(struct dentry *dentry,
319 	struct task_struct *task, const void *ptr)
320 {
321 	const struct fd_data *data = ptr;
322 	struct proc_inode *ei;
323 	struct inode *inode;
324 
325 	inode = proc_pid_make_inode(dentry->d_sb, task, S_IFREG | S_IRUGO);
326 	if (!inode)
327 		return ERR_PTR(-ENOENT);
328 
329 	ei = PROC_I(inode);
330 	ei->fd = data->fd;
331 
332 	inode->i_fop = &proc_fdinfo_file_operations;
333 	tid_fd_update_inode(task, inode, 0);
334 
335 	d_set_d_op(dentry, &tid_fd_dentry_operations);
336 	return d_splice_alias(inode, dentry);
337 }
338 
339 static struct dentry *
340 proc_lookupfdinfo(struct inode *dir, struct dentry *dentry, unsigned int flags)
341 {
342 	return proc_lookupfd_common(dir, dentry, proc_fdinfo_instantiate);
343 }
344 
345 static int proc_readfdinfo(struct file *file, struct dir_context *ctx)
346 {
347 	return proc_readfd_common(file, ctx,
348 				  proc_fdinfo_instantiate);
349 }
350 
351 const struct inode_operations proc_fdinfo_inode_operations = {
352 	.lookup		= proc_lookupfdinfo,
353 	.setattr	= proc_setattr,
354 };
355 
356 const struct file_operations proc_fdinfo_operations = {
357 	.read		= generic_read_dir,
358 	.iterate_shared	= proc_readfdinfo,
359 	.llseek		= generic_file_llseek,
360 };
361