[PATCH] proc: Remove bogus proc_task_permission

First we can access every /proc/<tgid>/task/<pid> directory as /proc/<pid> so
proc_task_permission is not usefully limiting visibility.

Second having related filesystems information should have nothing to do with
process visibility.  kill does not implement any checks like that.

Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>

diff --git a/fs/proc/base.c b/fs/proc/base.c
index 9562df7..6080672 100644 (file)
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -361,54 +361,6 @@ static int proc_root_link(struct inode *inode, struct dentry **dentry, struct vf
        return result;
 }
 
-
-/* Same as proc_root_link, but this addionally tries to get fs from other
- * threads in the group */
-static int proc_task_root_link(struct inode *inode, struct dentry **dentry,
-                               struct vfsmount **mnt)
-{
-       struct fs_struct *fs;
-       int result = -ENOENT;
-       struct task_struct *leader = proc_task(inode);
-
-       task_lock(leader);
-       fs = leader->fs;
-       if (fs) {
-               atomic_inc(&fs->count);
-               task_unlock(leader);
-       } else {
-               /* Try to get fs from other threads */
-               task_unlock(leader);
-               read_lock(&tasklist_lock);
-               if (pid_alive(leader)) {
-                       struct task_struct *task = leader;
-
-                       while ((task = next_thread(task)) != leader) {
-                               task_lock(task);
-                               fs = task->fs;
-                               if (fs) {
-                                       atomic_inc(&fs->count);
-                                       task_unlock(task);
-                                       break;
-                               }
-                               task_unlock(task);
-                       }
-               }
-               read_unlock(&tasklist_lock);
-       }
-
-       if (fs) {
-               read_lock(&fs->lock);
-               *mnt = mntget(fs->rootmnt);
-               *dentry = dget(fs->root);
-               read_unlock(&fs->lock);
-               result = 0;
-               put_fs_struct(fs);
-       }
-       return result;
-}
-
-
 #define MAY_PTRACE(task) \
        (task == current || \
        (task->parent == current && \
@@ -600,20 +552,6 @@ static int proc_permission(struct inode *inode, int mask, struct nameidata *nd)
        return proc_check_root(inode);
 }
 
-static int proc_task_permission(struct inode *inode, int mask, struct nameidata *nd)
-{
-       struct dentry *root;
-       struct vfsmount *vfsmnt;
-
-       if (generic_permission(inode, mask, NULL) != 0)
-               return -EACCES;
-
-       if (proc_task_root_link(inode, &root, &vfsmnt))
-               return -ENOENT;
-
-       return proc_check_chroot(root, vfsmnt);
-}
-
 extern struct seq_operations proc_pid_maps_op;
 static int maps_open(struct inode *inode, struct file *file)
 {
@@ -1583,7 +1521,6 @@ static struct inode_operations proc_fd_inode_operations = {
 
 static struct inode_operations proc_task_inode_operations = {
        .lookup         = proc_task_lookup,
-       .permission     = proc_task_permission,
 };
 
 #ifdef CONFIG_SECURITY