fixup! proc: protect ptrace_may_access() with exec_update_lock (part 1)

[PATCH] fixup! proc: protect ptrace_may_access() with exec_update_lock (part 1)

Posted by Jann Horn 3 days, 15 hours ago

fix two test breakages in tools/testing/selftests/proc/read.c:

 - The test requires that readdir() on directories in procfs does not fail
   when running as root.
   Restore the previous behavior where /proc/$pid/map_files/ simply returns
   an empty directory if the process has no MM.
 - The test requires that any directory in procfs has "." and ".." entries.
   Restore the previous behavior where, even if a task has no MM,
   /proc/$pid/map_files/ still has "." and ".." entries.
   (This now differs from previous behavior in that even if the caller does
   not have permission, they still see "." and ".." entries; recreating
   the old behavior exactly would make this code unnecessarily complex.)

Reported-by: kernel test robot <oliver.sang@intel.com>
Closes: https://lore.kernel.org/oe-lkp/202606021924.b6d8a0c2-lkp@intel.com
Signed-off-by: Jann Horn <jannh@google.com>
---
 fs/proc/base.c | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/fs/proc/base.c b/fs/proc/base.c
index ef2f59461374..5042f14d24f3 100644
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -2399,16 +2399,19 @@ proc_map_files_readdir(struct file *file, struct dir_context *ctx)
 	if (!task)
 		goto out;
 
+	ret = 0;
+	if (!dir_emit_dots(file, ctx))
+		goto out_put_task;
+
 	mm = mm_access(task, PTRACE_MODE_READ_FSCREDS);
 	if (IS_ERR(mm)) {
 		ret = PTR_ERR(mm);
+		/* if the task has no mm, the directory should just be empty */
+		if (ret == -ESRCH)
+			ret = 0;
 		goto out_put_task;
 	}
 
-	ret = 0;
-	if (!dir_emit_dots(file, ctx))
-		goto out_put_mm;
-
 	ret = mmap_read_lock_killable(mm);
 	if (ret)
 		goto out_put_mm;

base-commit: 5200f5f493f79f14bbdc349e402a40dfb32f23c8
prerequisite-patch-id: 0000000000000000000000000000000000000000
prerequisite-patch-id: 7c4ef33778ceb9b6e644d78c5be66b99c0c77d51
prerequisite-patch-id: bd555aff354c96a946f72e56d5d55eecc33a7b47
-- 
2.54.0.1032.g2f8565e1d1-goog

Re: [PATCH] fixup! proc: protect ptrace_may_access() with exec_update_lock (part 1)

Posted by Christian Brauner 2 days, 23 hours ago

On Thu, 04 Jun 2026 17:58:06 +0200, Jann Horn wrote:
> fix two test breakages in tools/testing/selftests/proc/read.c:
> 
>  - The test requires that readdir() on directories in procfs does not fail
>    when running as root.
>    Restore the previous behavior where /proc/$pid/map_files/ simply returns
>    an empty directory if the process has no MM.
>  - The test requires that any directory in procfs has "." and ".." entries.
>    Restore the previous behavior where, even if a task has no MM,
>    /proc/$pid/map_files/ still has "." and ".." entries.
>    (This now differs from previous behavior in that even if the caller does
>    not have permission, they still see "." and ".." entries; recreating
>    the old behavior exactly would make this code unnecessarily complex.)
> 
> [...]

Applied to the vfs-7.2.procfs branch of the vfs/vfs.git tree.
Patches in the vfs-7.2.procfs branch should appear in linux-next soon.

Please report any outstanding bugs that were missed during review in a
new review to the original patch series allowing us to drop it.

It's encouraged to provide Acked-bys and Reviewed-bys even though the
patch has now been applied. If possible patch trailers will be updated.

Note that commit hashes shown below are subject to change due to rebase,
trailer updates or similar. If in doubt, please check the listed branch.

tree:   https://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs.git
branch: vfs-7.2.procfs

[1/1] fixup! proc: protect ptrace_may_access() with exec_update_lock (part 1)
      https://git.kernel.org/vfs/vfs/c/883d2f3ec72d