close_range: unshare all fds for CLOSE_RANGE_UNSHARE | CLOSE_RANGE_CLOEXEC

[linux-2.6-microblaze.git] / fs / proc / base.c

diff --git a/fs/proc/base.c b/fs/proc/base.c
index 617db4e..b3422cd 100644 (file)
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -405,11 +405,11 @@ print0:
 
 static int lock_trace(struct task_struct *task)
 {
-       int err = mutex_lock_killable(&task->signal->exec_update_mutex);
+       int err = down_read_killable(&task->signal->exec_update_lock);
        if (err)
                return err;
        if (!ptrace_may_access(task, PTRACE_MODE_ATTACH_FSCREDS)) {
-               mutex_unlock(&task->signal->exec_update_mutex);
+               up_read(&task->signal->exec_update_lock);
                return -EPERM;
        }
        return 0;
@@ -417,7 +417,7 @@ static int lock_trace(struct task_struct *task)
 
 static void unlock_trace(struct task_struct *task)
 {
-       mutex_unlock(&task->signal->exec_update_mutex);
+       up_read(&task->signal->exec_update_lock);
 }
 
 #ifdef CONFIG_STACKTRACE
@@ -1049,13 +1049,14 @@ static ssize_t oom_adj_read(struct file *file, char __user *buf, size_t count,
                oom_adj = (task->signal->oom_score_adj * -OOM_DISABLE) /
                          OOM_SCORE_ADJ_MAX;
        put_task_struct(task);
+       if (oom_adj > OOM_ADJUST_MAX)
+               oom_adj = OOM_ADJUST_MAX;
        len = snprintf(buffer, sizeof(buffer), "%d\n", oom_adj);
        return simple_read_from_buffer(buf, count, ppos, buffer, len);
 }
 
 static int __set_oom_adj(struct file *file, int oom_adj, bool legacy)
 {
-       static DEFINE_MUTEX(oom_adj_mutex);
        struct mm_struct *mm = NULL;
        struct task_struct *task;
        int err = 0;
@@ -1095,7 +1096,7 @@ static int __set_oom_adj(struct file *file, int oom_adj, bool legacy)
                struct task_struct *p = find_lock_task_mm(task);
 
                if (p) {
-                       if (atomic_read(&p->mm->mm_users) > 1) {
+                       if (test_bit(MMF_MULTIPROCESS, &p->mm->flags)) {
                                mm = p->mm;
                                mmgrab(mm);
                        }
@@ -1269,6 +1270,10 @@ static ssize_t proc_loginuid_write(struct file * file, const char __user * buf,
        kuid_t kloginuid;
        int rv;
 
+       /* Don't let kthreads write their own loginuid */
+       if (current->flags & PF_KTHREAD)
+               return -EPERM;
+
        rcu_read_lock();
        if (current != pid_task(proc_pid(inode), PIDTYPE_PID)) {
                rcu_read_unlock();
@@ -2016,7 +2021,7 @@ const struct dentry_operations pid_dentry_operations =
  * file type from dcache entry.
  *
  * Since all of the proc inode numbers are dynamically generated, the inode
- * numbers do not exist until the inode is cache.  This means creating the
+ * numbers do not exist until the inode is cache.  This means creating
  * the dcache entry in readdir is necessary to keep the inode numbers
  * reported by readdir in sync with the inode numbers reported
  * by stat.
@@ -2925,7 +2930,7 @@ static int do_io_accounting(struct task_struct *task, struct seq_file *m, int wh
        unsigned long flags;
        int result;
 
-       result = mutex_lock_killable(&task->signal->exec_update_mutex);
+       result = down_read_killable(&task->signal->exec_update_lock);
        if (result)
                return result;
 
@@ -2961,7 +2966,7 @@ static int do_io_accounting(struct task_struct *task, struct seq_file *m, int wh
        result = 0;
 
 out_unlock:
-       mutex_unlock(&task->signal->exec_update_mutex);
+       up_read(&task->signal->exec_update_lock);
        return result;
 }
 
@@ -3258,6 +3263,9 @@ static const struct pid_entry tgid_base_stuff[] = {
 #ifdef CONFIG_PROC_PID_ARCH_STATUS
        ONE("arch_status", S_IRUGO, proc_pid_arch_status),
 #endif
+#ifdef CONFIG_SECCOMP_CACHE_DEBUG
+       ONE("seccomp_cache", S_IRUSR, proc_pid_seccomp_cache),
+#endif
 };
 
 static int proc_tgid_base_readdir(struct file *file, struct dir_context *ctx)
@@ -3587,6 +3595,9 @@ static const struct pid_entry tid_base_stuff[] = {
 #ifdef CONFIG_PROC_PID_ARCH_STATUS
        ONE("arch_status", S_IRUGO, proc_pid_arch_status),
 #endif
+#ifdef CONFIG_SECCOMP_CACHE_DEBUG
+       ONE("seccomp_cache", S_IRUSR, proc_pid_seccomp_cache),
+#endif
 };
 
 static int proc_tid_base_readdir(struct file *file, struct dir_context *ctx)