Merge branch 'fixes-for-v4.9-rc2' of http://git.agner.ch/git/linux-drm-fsl-dcu into...

[cascardo/linux.git] / fs / proc / base.c

diff --git a/fs/proc/base.c b/fs/proc/base.c
index 09f0f17..8e65446 100644 (file)
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -252,7 +252,7 @@ static ssize_t proc_pid_cmdline_read(struct file *file, char __user *buf,
         * Inherently racy -- command line shares address space
         * with code and data.
         */
-       rv = access_remote_vm(mm, arg_end - 1, &c, 1, 0);
+       rv = access_remote_vm(mm, arg_end - 1, &c, 1, FOLL_FORCE);
        if (rv <= 0)
                goto out_free_page;
 
@@ -270,7 +270,8 @@ static ssize_t proc_pid_cmdline_read(struct file *file, char __user *buf,
                        int nr_read;
 
                        _count = min3(count, len, PAGE_SIZE);
-                       nr_read = access_remote_vm(mm, p, page, _count, 0);
+                       nr_read = access_remote_vm(mm, p, page, _count,
+                                       FOLL_FORCE);
                        if (nr_read < 0)
                                rv = nr_read;
                        if (nr_read <= 0)
@@ -305,7 +306,8 @@ static ssize_t proc_pid_cmdline_read(struct file *file, char __user *buf,
                        bool final;
 
                        _count = min3(count, len, PAGE_SIZE);
-                       nr_read = access_remote_vm(mm, p, page, _count, 0);
+                       nr_read = access_remote_vm(mm, p, page, _count,
+                                       FOLL_FORCE);
                        if (nr_read < 0)
                                rv = nr_read;
                        if (nr_read <= 0)
@@ -354,7 +356,8 @@ skip_argv:
                        bool final;
 
                        _count = min3(count, len, PAGE_SIZE);
-                       nr_read = access_remote_vm(mm, p, page, _count, 0);
+                       nr_read = access_remote_vm(mm, p, page, _count,
+                                       FOLL_FORCE);
                        if (nr_read < 0)
                                rv = nr_read;
                        if (nr_read <= 0)
@@ -466,7 +469,7 @@ static int proc_pid_stack(struct seq_file *m, struct pid_namespace *ns,
                save_stack_trace_tsk(task, &trace);
 
                for (i = 0; i < trace.nr_entries; i++) {
-                       seq_printf(m, "[<%pK>] %pS\n",
+                       seq_printf(m, "[<%pK>] %pB\n",
                                   (void *)entries[i], (void *)entries[i]);
                }
                unlock_trace(task);
@@ -832,6 +835,7 @@ static ssize_t mem_rw(struct file *file, char __user *buf,
        unsigned long addr = *ppos;
        ssize_t copied;
        char *page;
+       unsigned int flags = FOLL_FORCE;
 
        if (!mm)
                return 0;
@@ -844,6 +848,9 @@ static ssize_t mem_rw(struct file *file, char __user *buf,
        if (!atomic_inc_not_zero(&mm->mm_users))
                goto free;
 
+       if (write)
+               flags |= FOLL_WRITE;
+
        while (count > 0) {
                int this_len = min_t(int, count, PAGE_SIZE);
 
@@ -852,7 +859,7 @@ static ssize_t mem_rw(struct file *file, char __user *buf,
                        break;
                }
 
-               this_len = access_remote_vm(mm, addr, page, this_len, write);
+               this_len = access_remote_vm(mm, addr, page, this_len, flags);
                if (!this_len) {
                        if (!copied)
                                copied = -EIO;
@@ -965,7 +972,7 @@ static ssize_t environ_read(struct file *file, char __user *buf,
                this_len = min(max_len, this_len);
 
                retval = access_remote_vm(mm, (env_start + src),
-                       page, this_len, 0);
+                       page, this_len, FOLL_FORCE);
 
                if (retval <= 0) {
                        ret = retval;
@@ -1671,7 +1678,7 @@ struct inode *proc_pid_make_inode(struct super_block * sb, struct task_struct *t
        /* Common stuff */
        ei = PROC_I(inode);
        inode->i_ino = get_next_ino();
-       inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME;
+       inode->i_mtime = inode->i_atime = inode->i_ctime = current_time(inode);
        inode->i_op = &proc_def_inode_operations;
 
        /*
@@ -2287,16 +2294,27 @@ static ssize_t timerslack_ns_write(struct file *file, const char __user *buf,
        if (!p)
                return -ESRCH;
 
-       if (ptrace_may_access(p, PTRACE_MODE_ATTACH_FSCREDS)) {
-               task_lock(p);
-               if (slack_ns == 0)
-                       p->timer_slack_ns = p->default_timer_slack_ns;
-               else
-                       p->timer_slack_ns = slack_ns;
-               task_unlock(p);
-       } else
-               count = -EPERM;
+       if (p != current) {
+               if (!capable(CAP_SYS_NICE)) {
+                       count = -EPERM;
+                       goto out;
+               }
+
+               err = security_task_setscheduler(p);
+               if (err) {
+                       count = err;
+                       goto out;
+               }
+       }
+
+       task_lock(p);
+       if (slack_ns == 0)
+               p->timer_slack_ns = p->default_timer_slack_ns;
+       else
+               p->timer_slack_ns = slack_ns;
+       task_unlock(p);
 
+out:
        put_task_struct(p);
 
        return count;
@@ -2306,19 +2324,28 @@ static int timerslack_ns_show(struct seq_file *m, void *v)
 {
        struct inode *inode = m->private;
        struct task_struct *p;
-       int err =  0;
+       int err = 0;
 
        p = get_proc_task(inode);
        if (!p)
                return -ESRCH;
 
-       if (ptrace_may_access(p, PTRACE_MODE_ATTACH_FSCREDS)) {
-               task_lock(p);
-               seq_printf(m, "%llu\n", p->timer_slack_ns);
-               task_unlock(p);
-       } else
-               err = -EPERM;
+       if (p != current) {
+
+               if (!capable(CAP_SYS_NICE)) {
+                       err = -EPERM;
+                       goto out;
+               }
+               err = security_task_getscheduler(p);
+               if (err)
+                       goto out;
+       }
 
+       task_lock(p);
+       seq_printf(m, "%llu\n", p->timer_slack_ns);
+       task_unlock(p);
+
+out:
        put_task_struct(p);
 
        return err;