[RFC PATCH v1 0/6] proc: Add allowlist for procfs files
From: Alexey Gladkov
Date: Wed Jan 25 2023 - 10:29:42 EST
The patch expands subset= option. If the proc is mounted with the
subset=allowlist option, the /proc/allowlist file will appear. This file
contains the filenames and directories that are allowed for this
mountpoint. By default, /proc/allowlist contains only its own name.
Changing the allowlist is possible as long as it is present in the
allowlist itself.
This allowlist is applied in lookup/readdir so files that will create
modules after mounting will not be visible.
Compared to the previous patches [1][2], I switched to a special virtual
file from listing filenames in the mount options.
[1] https://lore.kernel.org/lkml/20200604200413.587896-1-gladkov.alexey@xxxxxxxxx/
[2] https://lore.kernel.org/lkml/YZvuN0Wqmn7XB4dX@localhost.localdomain/
Signed-off-by: Alexey Gladkov <legion@xxxxxxxxxx>
---
Alexey Gladkov (6):
proc: Fix separator for subset option
proc: Add allowlist to control access to procfs files
proc: Check that subset= option has been set
proc: Allow to use the allowlist filter in userns
proc: Validate incoming allowlist
doc: proc: Add description of subset=allowlist
Documentation/filesystems/proc.rst | 10 +
fs/proc/Kconfig | 10 +
fs/proc/Makefile | 1 +
fs/proc/generic.c | 15 +-
fs/proc/inode.c | 16 +-
fs/proc/internal.h | 33 ++++
fs/proc/proc_allowlist.c | 300 +++++++++++++++++++++++++++++
fs/proc/root.c | 36 +++-
include/linux/proc_fs.h | 18 +-
9 files changed, 420 insertions(+), 19 deletions(-)
create mode 100644 fs/proc/proc_allowlist.c
--
2.33.6