add wifi6 8852be driver

hc

2024-12-19 9370bb92b2d16684ee45cf24e879c93c509162da

 kernel/fs/proc/base.c
..
..
@@ -59,6 +59,7 @@
59
59
 #include <linux/capability.h>
60
60
 #include <linux/file.h>
61
61
 #include <linux/fdtable.h>
62
+#include <linux/generic-radix-tree.h>
62
63
 #include <linux/string.h>
63
64
 #include <linux/seq_file.h>
64
65
 #include <linux/namei.h>
..
..
@@ -92,8 +93,9 @@
92
93
 #include <linux/sched/coredump.h>
93
94
 #include <linux/sched/debug.h>
94
95
 #include <linux/sched/stat.h>
95
-#include <linux/flex_array.h>
96
96
 #include <linux/posix-timers.h>
97
+#include <linux/time_namespace.h>
98
+#include <linux/resctrl.h>
97
99
 #include <linux/cpufreq_times.h>
98
100
 #include <trace/events/oom.h>
99
101
 #include "internal.h"
..
..
@@ -141,9 +143,13 @@
141
143
 #define REG(NAME, MODE, fops)				\
142
144
 	NOD(NAME, (S_IFREG|(MODE)), NULL, &fops, {})
143
145
 #define ONE(NAME, MODE, show)				\
144
-	NOD(NAME, (S_IFREG|(MODE)), 			\
146
+	NOD(NAME, (S_IFREG|(MODE)),			\
145
147
 		NULL, &proc_single_file_operations,	\
146
148
 		{ .proc_show = show } )
149
+#define ATTR(LSM, NAME, MODE)				\
150
+	NOD(NAME, (S_IFREG|(MODE)),			\
151
+		NULL, &proc_pid_attr_operations,	\
152
+		{ .lsm = LSM })
147
153
 
148
154
 /*
149
155
  * Count the number of hardlinks for the pid_entry table, excluding the .
..
..
@@ -400,11 +406,11 @@
400
406
 
401
407
 static int lock_trace(struct task_struct *task)
402
408
 {
403
-	int err = mutex_lock_killable(&task->signal->cred_guard_mutex);
409
+	int err = down_read_killable(&task->signal->exec_update_lock);
404
410
 	if (err)
405
411
 		return err;
406
412
 	if (!ptrace_may_access(task, PTRACE_MODE_ATTACH_FSCREDS)) {
407
-		mutex_unlock(&task->signal->cred_guard_mutex);
413
+		up_read(&task->signal->exec_update_lock);
408
414
 		return -EPERM;
409
415
 	}
410
416
 	return 0;
..
..
@@ -412,7 +418,7 @@
412
418
 
413
419
 static void unlock_trace(struct task_struct *task)
414
420
 {
415
-	mutex_unlock(&task->signal->cred_guard_mutex);
421
+	up_read(&task->signal->exec_update_lock);
416
422
 }
417
423
 
418
424
 #ifdef CONFIG_STACKTRACE
..
..
@@ -422,7 +428,6 @@
422
428
 static int proc_pid_stack(struct seq_file *m, struct pid_namespace *ns,
423
429
 			  struct pid *pid, struct task_struct *task)
424
430
 {
425
-	struct stack_trace trace;
426
431
 	unsigned long *entries;
427
432
 	int err;
428
433
 
..
..
@@ -445,20 +450,17 @@
445
450
 	if (!entries)
446
451
 		return -ENOMEM;
447
452
 
448
-	trace.nr_entries	= 0;
449
-	trace.max_entries	= MAX_STACK_TRACE_DEPTH;
450
-	trace.entries		= entries;
451
-	trace.skip		= 0;
452
-
453
453
 	err = lock_trace(task);
454
454
 	if (!err) {
455
-		unsigned int i;
455
+		unsigned int i, nr_entries;
456
456
 
457
-		save_stack_trace_tsk(task, &trace);
457
+		nr_entries = stack_trace_save_tsk(task, entries,
458
+						  MAX_STACK_TRACE_DEPTH, 0);
458
459
 
459
-		for (i = 0; i < trace.nr_entries; i++) {
460
+		for (i = 0; i < nr_entries; i++) {
460
461
 			seq_printf(m, "[<0>] %pB\n", (void *)entries[i]);
461
462
 		}
463
+
462
464
 		unlock_trace(task);
463
465
 	}
464
466
 	kfree(entries);
..
..
@@ -475,7 +477,7 @@
475
477
 			      struct pid *pid, struct task_struct *task)
476
478
 {
477
479
 	if (unlikely(!sched_info_on()))
478
-		seq_printf(m, "0 0 0\n");
480
+		seq_puts(m, "0 0 0\n");
479
481
 	else
480
482
 		seq_printf(m, "%llu %llu %lu\n",
481
483
 		   (unsigned long long)task->se.sum_exec_runtime,
..
..
@@ -504,9 +506,8 @@
504
506
 				   lr->count, lr->time, lr->max);
505
507
 			for (q = 0; q < LT_BACKTRACEDEPTH; q++) {
506
508
 				unsigned long bt = lr->backtrace[q];
509
+
507
510
 				if (!bt)
508
-					break;
509
-				if (bt == ULONG_MAX)
510
511
 					break;
511
512
 				seq_printf(m, " %ps", (void *)bt);
512
513
 			}
..
..
@@ -530,7 +531,7 @@
530
531
 
531
532
 	if (!task)
532
533
 		return -ESRCH;
533
-	clear_all_latency_tracing(task);
534
+	clear_tsk_latency_tracing(task);
534
535
 	put_task_struct(task);
535
536
 
536
537
 	return count;
..
..
@@ -549,11 +550,19 @@
549
550
 static int proc_oom_score(struct seq_file *m, struct pid_namespace *ns,
550
551
 			  struct pid *pid, struct task_struct *task)
551
552
 {
552
-	unsigned long totalpages = totalram_pages + total_swap_pages;
553
+	unsigned long totalpages = totalram_pages() + total_swap_pages;
553
554
 	unsigned long points = 0;
555
+	long badness;
554
556
 
555
-	points = oom_badness(task, NULL, NULL, totalpages) *
556
-					1000 / totalpages;
557
+	badness = oom_badness(task, totalpages);
558
+	/*
559
+	 * Special case OOM_SCORE_ADJ_MIN for all others scale the
560
+	 * badness value into [0, 2000] range which we have been
561
+	 * exporting for a long time so userspace might depend on it.
562
+	 */
563
+	if (badness != LONG_MIN)
564
+		points = (1000 + badness * 1000 / (long)totalpages) * 2 / 3;
565
+
557
566
 	seq_printf(m, "%lu\n", points);
558
567
 
559
568
 	return 0;
..
..
@@ -600,8 +609,10 @@
600
609
 	/*
601
610
 	 * print the file header
602
611
 	 */
603
-       seq_printf(m, "%-25s %-20s %-20s %-10s\n",
604
-		  "Limit", "Soft Limit", "Hard Limit", "Units");
612
+	seq_puts(m, "Limit                     "
613
+		"Soft Limit           "
614
+		"Hard Limit           "
615
+		"Units     \n");
605
616
 
606
617
 	for (i = 0; i < RLIM_NLIMITS; i++) {
607
618
 		if (rlim[i].rlim_cur == RLIM_INFINITY)
..
..
@@ -629,24 +640,25 @@
629
640
 static int proc_pid_syscall(struct seq_file *m, struct pid_namespace *ns,
630
641
 			    struct pid *pid, struct task_struct *task)
631
642
 {
632
-	long nr;
633
-	unsigned long args[6], sp, pc;
643
+	struct syscall_info info;
644
+	u64 *args = &info.data.args[0];
634
645
 	int res;
635
646
 
636
647
 	res = lock_trace(task);
637
648
 	if (res)
638
649
 		return res;
639
650
 
640
-	if (task_current_syscall(task, &nr, args, 6, &sp, &pc))
651
+	if (task_current_syscall(task, &info))
641
652
 		seq_puts(m, "running\n");
642
-	else if (nr < 0)
643
-		seq_printf(m, "%ld 0x%lx 0x%lx\n", nr, sp, pc);
653
+	else if (info.data.nr < 0)
654
+		seq_printf(m, "%d 0x%llx 0x%llx\n",
655
+			   info.data.nr, info.sp, info.data.instruction_pointer);
644
656
 	else
645
657
 		seq_printf(m,
646
-		       "%ld 0x%lx 0x%lx 0x%lx 0x%lx 0x%lx 0x%lx 0x%lx 0x%lx\n",
647
-		       nr,
658
+		       "%d 0x%llx 0x%llx 0x%llx 0x%llx 0x%llx 0x%llx 0x%llx 0x%llx\n",
659
+		       info.data.nr,
648
660
 		       args[0], args[1], args[2], args[3], args[4], args[5],
649
-		       sp, pc);
661
+		       info.sp, info.data.instruction_pointer);
650
662
 	unlock_trace(task);
651
663
 
652
664
 	return 0;
..
..
@@ -695,13 +707,21 @@
695
707
  * May current process learn task's sched/cmdline info (for hide_pid_min=1)
696
708
  * or euid/egid (for hide_pid_min=2)?
697
709
  */
698
-static bool has_pid_permissions(struct pid_namespace *pid,
710
+static bool has_pid_permissions(struct proc_fs_info *fs_info,
699
711
 				 struct task_struct *task,
700
-				 int hide_pid_min)
712
+				 enum proc_hidepid hide_pid_min)
701
713
 {
702
-	if (pid->hide_pid < hide_pid_min)
714
+	/*
715
+	 * If 'hidpid' mount option is set force a ptrace check,
716
+	 * we indicate that we are using a filesystem syscall
717
+	 * by passing PTRACE_MODE_READ_FSCREDS
718
+	 */
719
+	if (fs_info->hide_pid == HIDEPID_NOT_PTRACEABLE)
720
+		return ptrace_may_access(task, PTRACE_MODE_READ_FSCREDS);
721
+
722
+	if (fs_info->hide_pid < hide_pid_min)
703
723
 		return true;
704
-	if (in_group_p(pid->pid_gid))
724
+	if (in_group_p(fs_info->pid_gid))
705
725
 		return true;
706
726
 	return ptrace_may_access(task, PTRACE_MODE_READ_FSCREDS);
707
727
 }
..
..
@@ -709,18 +729,18 @@
709
729
 
710
730
 static int proc_pid_permission(struct inode *inode, int mask)
711
731
 {
712
-	struct pid_namespace *pid = proc_pid_ns(inode);
732
+	struct proc_fs_info *fs_info = proc_sb_info(inode->i_sb);
713
733
 	struct task_struct *task;
714
734
 	bool has_perms;
715
735
 
716
736
 	task = get_proc_task(inode);
717
737
 	if (!task)
718
738
 		return -ESRCH;
719
-	has_perms = has_pid_permissions(pid, task, HIDEPID_NO_ACCESS);
739
+	has_perms = has_pid_permissions(fs_info, task, HIDEPID_NO_ACCESS);
720
740
 	put_task_struct(task);
721
741
 
722
742
 	if (!has_perms) {
723
-		if (pid->hide_pid == HIDEPID_INVISIBLE) {
743
+		if (fs_info->hide_pid == HIDEPID_INVISIBLE) {
724
744
 			/*
725
745
 			 * Let's make getdents(), stat(), and open()
726
746
 			 * consistent with each other.  If a process
..
..
@@ -744,7 +764,7 @@
744
764
 static int proc_single_show(struct seq_file *m, void *v)
745
765
 {
746
766
 	struct inode *inode = m->private;
747
-	struct pid_namespace *ns = proc_pid_ns(inode);
767
+	struct pid_namespace *ns = proc_pid_ns(inode->i_sb);
748
768
 	struct pid *pid = proc_pid(inode);
749
769
 	struct task_struct *task;
750
770
 	int ret;
..
..
@@ -1030,6 +1050,8 @@
1030
1050
 		oom_adj = (task->signal->oom_score_adj * -OOM_DISABLE) /
1031
1051
 			  OOM_SCORE_ADJ_MAX;
1032
1052
 	put_task_struct(task);
1053
+	if (oom_adj > OOM_ADJUST_MAX)
1054
+		oom_adj = OOM_ADJUST_MAX;
1033
1055
 	len = snprintf(buffer, sizeof(buffer), "%d\n", oom_adj);
1034
1056
 	return simple_read_from_buffer(buf, count, ppos, buffer, len);
1035
1057
 }
..
..
@@ -1222,7 +1244,7 @@
1222
1244
 	.llseek		= default_llseek,
1223
1245
 };
1224
1246
 
1225
-#ifdef CONFIG_AUDITSYSCALL
1247
+#ifdef CONFIG_AUDIT
1226
1248
 #define TMPBUFLEN 11
1227
1249
 static ssize_t proc_loginuid_read(struct file * file, char __user * buf,
1228
1250
 				  size_t count, loff_t *ppos)
..
..
@@ -1248,6 +1270,10 @@
1248
1270
 	uid_t loginuid;
1249
1271
 	kuid_t kloginuid;
1250
1272
 	int rv;
1273
+
1274
+	/* Don't let kthreads write their own loginuid */
1275
+	if (current->flags & PF_KTHREAD)
1276
+		return -EPERM;
1251
1277
 
1252
1278
 	rcu_read_lock();
1253
1279
 	if (current != pid_task(proc_pid(inode), PIDTYPE_PID)) {
..
..
@@ -1412,7 +1438,7 @@
1412
1438
 static int sched_show(struct seq_file *m, void *v)
1413
1439
 {
1414
1440
 	struct inode *inode = m->private;
1415
-	struct pid_namespace *ns = proc_pid_ns(inode);
1441
+	struct pid_namespace *ns = proc_pid_ns(inode->i_sb);
1416
1442
 	struct task_struct *p;
1417
1443
 
1418
1444
 	p = get_proc_task(inode);
..
..
@@ -1532,6 +1558,108 @@
1532
1558
 
1533
1559
 #endif /* CONFIG_SCHED_AUTOGROUP */
1534
1560
 
1561
+#ifdef CONFIG_TIME_NS
1562
+static int timens_offsets_show(struct seq_file *m, void *v)
1563
+{
1564
+	struct task_struct *p;
1565
+
1566
+	p = get_proc_task(file_inode(m->file));
1567
+	if (!p)
1568
+		return -ESRCH;
1569
+	proc_timens_show_offsets(p, m);
1570
+
1571
+	put_task_struct(p);
1572
+
1573
+	return 0;
1574
+}
1575
+
1576
+static ssize_t timens_offsets_write(struct file *file, const char __user *buf,
1577
+				    size_t count, loff_t *ppos)
1578
+{
1579
+	struct inode *inode = file_inode(file);
1580
+	struct proc_timens_offset offsets[2];
1581
+	char *kbuf = NULL, *pos, *next_line;
1582
+	struct task_struct *p;
1583
+	int ret, noffsets;
1584
+
1585
+	/* Only allow < page size writes at the beginning of the file */
1586
+	if ((*ppos != 0) || (count >= PAGE_SIZE))
1587
+		return -EINVAL;
1588
+
1589
+	/* Slurp in the user data */
1590
+	kbuf = memdup_user_nul(buf, count);
1591
+	if (IS_ERR(kbuf))
1592
+		return PTR_ERR(kbuf);
1593
+
1594
+	/* Parse the user data */
1595
+	ret = -EINVAL;
1596
+	noffsets = 0;
1597
+	for (pos = kbuf; pos; pos = next_line) {
1598
+		struct proc_timens_offset *off = &offsets[noffsets];
1599
+		char clock[10];
1600
+		int err;
1601
+
1602
+		/* Find the end of line and ensure we don't look past it */
1603
+		next_line = strchr(pos, '\n');
1604
+		if (next_line) {
1605
+			*next_line = '\0';
1606
+			next_line++;
1607
+			if (*next_line == '\0')
1608
+				next_line = NULL;
1609
+		}
1610
+
1611
+		err = sscanf(pos, "%9s %lld %lu", clock,
1612
+				&off->val.tv_sec, &off->val.tv_nsec);
1613
+		if (err != 3 || off->val.tv_nsec >= NSEC_PER_SEC)
1614
+			goto out;
1615
+
1616
+		clock[sizeof(clock) - 1] = 0;
1617
+		if (strcmp(clock, "monotonic") == 0 ||
1618
+		    strcmp(clock, __stringify(CLOCK_MONOTONIC)) == 0)
1619
+			off->clockid = CLOCK_MONOTONIC;
1620
+		else if (strcmp(clock, "boottime") == 0 ||
1621
+			 strcmp(clock, __stringify(CLOCK_BOOTTIME)) == 0)
1622
+			off->clockid = CLOCK_BOOTTIME;
1623
+		else
1624
+			goto out;
1625
+
1626
+		noffsets++;
1627
+		if (noffsets == ARRAY_SIZE(offsets)) {
1628
+			if (next_line)
1629
+				count = next_line - kbuf;
1630
+			break;
1631
+		}
1632
+	}
1633
+
1634
+	ret = -ESRCH;
1635
+	p = get_proc_task(inode);
1636
+	if (!p)
1637
+		goto out;
1638
+	ret = proc_timens_set_offset(file, p, offsets, noffsets);
1639
+	put_task_struct(p);
1640
+	if (ret)
1641
+		goto out;
1642
+
1643
+	ret = count;
1644
+out:
1645
+	kfree(kbuf);
1646
+	return ret;
1647
+}
1648
+
1649
+static int timens_offsets_open(struct inode *inode, struct file *filp)
1650
+{
1651
+	return single_open(filp, timens_offsets_show, inode);
1652
+}
1653
+
1654
+static const struct file_operations proc_timens_offsets_operations = {
1655
+	.open		= timens_offsets_open,
1656
+	.read		= seq_read,
1657
+	.write		= timens_offsets_write,
1658
+	.llseek		= seq_lseek,
1659
+	.release	= single_release,
1660
+};
1661
+#endif /* CONFIG_TIME_NS */
1662
+
1535
1663
 static ssize_t comm_write(struct file *file, const char __user *buf,
1536
1664
 				size_t count, loff_t *offset)
1537
1665
 {
..
..
@@ -1625,8 +1753,7 @@
1625
1753
 	if (error)
1626
1754
 		goto out;
1627
1755
 
1628
-	nd_jump_link(&path);
1629
-	return NULL;
1756
+	error = nd_jump_link(&path);
1630
1757
 out:
1631
1758
 	return ERR_PTR(error);
1632
1759
 }
..
..
@@ -1742,11 +1869,25 @@
1742
1869
 	*rgid = gid;
1743
1870
 }
1744
1871
 
1745
-struct inode *proc_pid_make_inode(struct super_block * sb,
1872
+void proc_pid_evict_inode(struct proc_inode *ei)
1873
+{
1874
+	struct pid *pid = ei->pid;
1875
+
1876
+	if (S_ISDIR(ei->vfs_inode.i_mode)) {
1877
+		spin_lock(&pid->lock);
1878
+		hlist_del_init_rcu(&ei->sibling_inodes);
1879
+		spin_unlock(&pid->lock);
1880
+	}
1881
+
1882
+	put_pid(pid);
1883
+}
1884
+
1885
+struct inode *proc_pid_make_inode(struct super_block *sb,
1746
1886
 				  struct task_struct *task, umode_t mode)
1747
1887
 {
1748
1888
 	struct inode * inode;
1749
1889
 	struct proc_inode *ei;
1890
+	struct pid *pid;
1750
1891
 
1751
1892
 	/* We need a new inode */
1752
1893
 
..
..
@@ -1764,9 +1905,12 @@
1764
1905
 	/*
1765
1906
 	 * grab the reference to task.
1766
1907
 	 */
1767
-	ei->pid = get_task_pid(task, PIDTYPE_PID);
1768
-	if (!ei->pid)
1908
+	pid = get_task_pid(task, PIDTYPE_PID);
1909
+	if (!pid)
1769
1910
 		goto out_unlock;
1911
+
1912
+	/* Let the pid remember us for quick removal */
1913
+	ei->pid = pid;
1770
1914
 
1771
1915
 	task_dump_owner(task, 0, &inode->i_uid, &inode->i_gid);
1772
1916
 	security_task_to_inode(task, inode);
..
..
@@ -1779,11 +1923,44 @@
1779
1923
 	return NULL;
1780
1924
 }
1781
1925
 
1926
+/*
1927
+ * Generating an inode and adding it into @pid->inodes, so that task will
1928
+ * invalidate inode's dentry before being released.
1929
+ *
1930
+ * This helper is used for creating dir-type entries under '/proc' and
1931
+ * '/proc/<tgid>/task'. Other entries(eg. fd, stat) under '/proc/<tgid>'
1932
+ * can be released by invalidating '/proc/<tgid>' dentry.
1933
+ * In theory, dentries under '/proc/<tgid>/task' can also be released by
1934
+ * invalidating '/proc/<tgid>' dentry, we reserve it to handle single
1935
+ * thread exiting situation: Any one of threads should invalidate its
1936
+ * '/proc/<tgid>/task/<pid>' dentry before released.
1937
+ */
1938
+static struct inode *proc_pid_make_base_inode(struct super_block *sb,
1939
+				struct task_struct *task, umode_t mode)
1940
+{
1941
+	struct inode *inode;
1942
+	struct proc_inode *ei;
1943
+	struct pid *pid;
1944
+
1945
+	inode = proc_pid_make_inode(sb, task, mode);
1946
+	if (!inode)
1947
+		return NULL;
1948
+
1949
+	/* Let proc_flush_pid find this directory inode */
1950
+	ei = PROC_I(inode);
1951
+	pid = ei->pid;
1952
+	spin_lock(&pid->lock);
1953
+	hlist_add_head_rcu(&ei->sibling_inodes, &pid->inodes);
1954
+	spin_unlock(&pid->lock);
1955
+
1956
+	return inode;
1957
+}
1958
+
1782
1959
 int pid_getattr(const struct path *path, struct kstat *stat,
1783
1960
 		u32 request_mask, unsigned int query_flags)
1784
1961
 {
1785
1962
 	struct inode *inode = d_inode(path->dentry);
1786
-	struct pid_namespace *pid = proc_pid_ns(inode);
1963
+	struct proc_fs_info *fs_info = proc_sb_info(inode->i_sb);
1787
1964
 	struct task_struct *task;
1788
1965
 
1789
1966
 	generic_fillattr(inode, stat);
..
..
@@ -1793,7 +1970,7 @@
1793
1970
 	rcu_read_lock();
1794
1971
 	task = pid_task(proc_pid(inode), PIDTYPE_PID);
1795
1972
 	if (task) {
1796
-		if (!has_pid_permissions(pid, task, HIDEPID_INVISIBLE)) {
1973
+		if (!has_pid_permissions(fs_info, task, HIDEPID_INVISIBLE)) {
1797
1974
 			rcu_read_unlock();
1798
1975
 			/*
1799
1976
 			 * This doesn't prevent learning whether PID exists,
..
..
@@ -1978,11 +2155,11 @@
1978
2155
 		goto out;
1979
2156
 
1980
2157
 	if (!dname_to_vma_addr(dentry, &vm_start, &vm_end)) {
1981
-		status = down_read_killable(&mm->mmap_sem);
2158
+		status = mmap_read_lock_killable(mm);
1982
2159
 		if (!status) {
1983
2160
 			exact_vma_exists = !!find_exact_vma(mm, vm_start,
1984
2161
 							    vm_end);
1985
-			up_read(&mm->mmap_sem);
2162
+			mmap_read_unlock(mm);
1986
2163
 		}
1987
2164
 	}
1988
2165
 
..
..
@@ -2029,7 +2206,7 @@
2029
2206
 	if (rc)
2030
2207
 		goto out_mmput;
2031
2208
 
2032
-	rc = down_read_killable(&mm->mmap_sem);
2209
+	rc = mmap_read_lock_killable(mm);
2033
2210
 	if (rc)
2034
2211
 		goto out_mmput;
2035
2212
 
..
..
@@ -2040,7 +2217,7 @@
2040
2217
 		path_get(path);
2041
2218
 		rc = 0;
2042
2219
 	}
2043
-	up_read(&mm->mmap_sem);
2220
+	mmap_read_unlock(mm);
2044
2221
 
2045
2222
 out_mmput:
2046
2223
 	mmput(mm);
..
..
@@ -2055,16 +2232,16 @@
2055
2232
 };
2056
2233
 
2057
2234
 /*
2058
- * Only allow CAP_SYS_ADMIN to follow the links, due to concerns about how the
2059
- * symlinks may be used to bypass permissions on ancestor directories in the
2060
- * path to the file in question.
2235
+ * Only allow CAP_SYS_ADMIN and CAP_CHECKPOINT_RESTORE to follow the links, due
2236
+ * to concerns about how the symlinks may be used to bypass permissions on
2237
+ * ancestor directories in the path to the file in question.
2061
2238
  */
2062
2239
 static const char *
2063
2240
 proc_map_files_get_link(struct dentry *dentry,
2064
2241
 			struct inode *inode,
2065
2242
 		        struct delayed_call *done)
2066
2243
 {
2067
-	if (!capable(CAP_SYS_ADMIN))
2244
+	if (!checkpoint_restore_ns_capable(&init_user_ns))
2068
2245
 		return ERR_PTR(-EPERM);
2069
2246
 
2070
2247
 	return proc_pid_get_link(dentry, inode, done);
..
..
@@ -2130,7 +2307,7 @@
2130
2307
 		goto out_put_task;
2131
2308
 
2132
2309
 	result = ERR_PTR(-EINTR);
2133
-	if (down_read_killable(&mm->mmap_sem))
2310
+	if (mmap_read_lock_killable(mm))
2134
2311
 		goto out_put_mm;
2135
2312
 
2136
2313
 	result = ERR_PTR(-ENOENT);
..
..
@@ -2143,7 +2320,7 @@
2143
2320
 				(void *)(unsigned long)vma->vm_file->f_mode);
2144
2321
 
2145
2322
 out_no_vma:
2146
-	up_read(&mm->mmap_sem);
2323
+	mmap_read_unlock(mm);
2147
2324
 out_put_mm:
2148
2325
 	mmput(mm);
2149
2326
 out_put_task:
..
..
@@ -2165,10 +2342,11 @@
2165
2342
 	struct task_struct *task;
2166
2343
 	struct mm_struct *mm;
2167
2344
 	unsigned long nr_files, pos, i;
2168
-	struct flex_array *fa = NULL;
2169
-	struct map_files_info info;
2345
+	GENRADIX(struct map_files_info) fa;
2170
2346
 	struct map_files_info *p;
2171
2347
 	int ret;
2348
+
2349
+	genradix_init(&fa);
2172
2350
 
2173
2351
 	ret = -ENOENT;
2174
2352
 	task = get_proc_task(file_inode(file));
..
..
@@ -2187,7 +2365,7 @@
2187
2365
 	if (!mm)
2188
2366
 		goto out_put_task;
2189
2367
 
2190
-	ret = down_read_killable(&mm->mmap_sem);
2368
+	ret = mmap_read_lock_killable(mm);
2191
2369
 	if (ret) {
2192
2370
 		mmput(mm);
2193
2371
 		goto out_put_task;
..
..
@@ -2198,52 +2376,39 @@
2198
2376
 	/*
2199
2377
 	 * We need two passes here:
2200
2378
 	 *
2201
-	 *  1) Collect vmas of mapped files with mmap_sem taken
2202
-	 *  2) Release mmap_sem and instantiate entries
2379
+	 *  1) Collect vmas of mapped files with mmap_lock taken
2380
+	 *  2) Release mmap_lock and instantiate entries
2203
2381
 	 *
2204
2382
 	 * otherwise we get lockdep complained, since filldir()
2205
-	 * routine might require mmap_sem taken in might_fault().
2383
+	 * routine might require mmap_lock taken in might_fault().
2206
2384
 	 */
2207
2385
 
2208
2386
 	for (vma = mm->mmap, pos = 2; vma; vma = vma->vm_next) {
2209
-		if (vma->vm_file && ++pos > ctx->pos)
2210
-			nr_files++;
2211
-	}
2387
+		if (!vma->vm_file)
2388
+			continue;
2389
+		if (++pos <= ctx->pos)
2390
+			continue;
2212
2391
 
2213
-	if (nr_files) {
2214
-		fa = flex_array_alloc(sizeof(info), nr_files,
2215
-					GFP_KERNEL);
2216
-		if (!fa || flex_array_prealloc(fa, 0, nr_files,
2217
-						GFP_KERNEL)) {
2392
+		p = genradix_ptr_alloc(&fa, nr_files++, GFP_KERNEL);
2393
+		if (!p) {
2218
2394
 			ret = -ENOMEM;
2219
-			if (fa)
2220
-				flex_array_free(fa);
2221
-			up_read(&mm->mmap_sem);
2395
+			mmap_read_unlock(mm);
2222
2396
 			mmput(mm);
2223
2397
 			goto out_put_task;
2224
2398
 		}
2225
-		for (i = 0, vma = mm->mmap, pos = 2; vma;
2226
-				vma = vma->vm_next) {
2227
-			if (!vma->vm_file)
2228
-				continue;
2229
-			if (++pos <= ctx->pos)
2230
-				continue;
2231
2399
 
2232
-			info.start = vma->vm_start;
2233
-			info.end = vma->vm_end;
2234
-			info.mode = vma->vm_file->f_mode;
2235
-			if (flex_array_put(fa, i++, &info, GFP_KERNEL))
2236
-				BUG();
2237
-		}
2400
+		p->start = vma->vm_start;
2401
+		p->end = vma->vm_end;
2402
+		p->mode = vma->vm_file->f_mode;
2238
2403
 	}
2239
-	up_read(&mm->mmap_sem);
2404
+	mmap_read_unlock(mm);
2240
2405
 	mmput(mm);
2241
2406
 
2242
2407
 	for (i = 0; i < nr_files; i++) {
2243
2408
 		char buf[4 * sizeof(long) + 2];	/* max: %lx-%lx\0 */
2244
2409
 		unsigned int len;
2245
2410
 
2246
-		p = flex_array_get(fa, i);
2411
+		p = genradix_ptr(&fa, i);
2247
2412
 		len = snprintf(buf, sizeof(buf), "%lx-%lx", p->start, p->end);
2248
2413
 		if (!proc_fill_cache(file, ctx,
2249
2414
 				      buf, len,
..
..
@@ -2253,12 +2418,11 @@
2253
2418
 			break;
2254
2419
 		ctx->pos++;
2255
2420
 	}
2256
-	if (fa)
2257
-		flex_array_free(fa);
2258
2421
 
2259
2422
 out_put_task:
2260
2423
 	put_task_struct(task);
2261
2424
 out:
2425
+	genradix_free(&fa);
2262
2426
 	return ret;
2263
2427
 }
2264
2428
 
..
..
@@ -2357,7 +2521,7 @@
2357
2521
 		return -ENOMEM;
2358
2522
 
2359
2523
 	tp->pid = proc_pid(inode);
2360
-	tp->ns = proc_pid_ns(inode);
2524
+	tp->ns = proc_pid_ns(inode->i_sb);
2361
2525
 	return 0;
2362
2526
 }
2363
2527
 
..
..
@@ -2386,10 +2550,13 @@
2386
2550
 		return -ESRCH;
2387
2551
 
2388
2552
 	if (p != current) {
2389
-		if (!capable(CAP_SYS_NICE)) {
2553
+		rcu_read_lock();
2554
+		if (!ns_capable(__task_cred(p)->user_ns, CAP_SYS_NICE)) {
2555
+			rcu_read_unlock();
2390
2556
 			count = -EPERM;
2391
2557
 			goto out;
2392
2558
 		}
2559
+		rcu_read_unlock();
2393
2560
 
2394
2561
 		err = security_task_setscheduler(p);
2395
2562
 		if (err) {
..
..
@@ -2422,11 +2589,14 @@
2422
2589
 		return -ESRCH;
2423
2590
 
2424
2591
 	if (p != current) {
2425
-
2426
-		if (!capable(CAP_SYS_NICE)) {
2592
+		rcu_read_lock();
2593
+		if (!ns_capable(__task_cred(p)->user_ns, CAP_SYS_NICE)) {
2594
+			rcu_read_unlock();
2427
2595
 			err = -EPERM;
2428
2596
 			goto out;
2429
2597
 		}
2598
+		rcu_read_unlock();
2599
+
2430
2600
 		err = security_task_getscheduler(p);
2431
2601
 		if (err)
2432
2602
 			goto out;
..
..
@@ -2481,11 +2651,10 @@
2481
2651
 
2482
2652
 static struct dentry *proc_pident_lookup(struct inode *dir, 
2483
2653
 					 struct dentry *dentry,
2484
-					 const struct pid_entry *ents,
2485
-					 unsigned int nents)
2654
+					 const struct pid_entry *p,
2655
+					 const struct pid_entry *end)
2486
2656
 {
2487
2657
 	struct task_struct *task = get_proc_task(dir);
2488
-	const struct pid_entry *p, *last;
2489
2658
 	struct dentry *res = ERR_PTR(-ENOENT);
2490
2659
 
2491
2660
 	if (!task)
..
..
@@ -2495,8 +2664,7 @@
2495
2664
 	 * Yes, it does not scale. And it should not. Don't add
2496
2665
 	 * new entries into /proc/<tgid>/ without very good reasons.
2497
2666
 	 */
2498
-	last = &ents[nents];
2499
-	for (p = ents; p < last; p++) {
2667
+	for (; p < end; p++) {
2500
2668
 		if (p->len != dentry->d_name.len)
2501
2669
 			continue;
2502
2670
 		if (!memcmp(dentry->d_name.name, p->name, p->len)) {
..
..
@@ -2554,7 +2722,7 @@
2554
2722
 	if (!task)
2555
2723
 		return -ESRCH;
2556
2724
 
2557
-	length = security_getprocattr(task,
2725
+	length = security_getprocattr(task, PROC_I(inode)->op.lsm,
2558
2726
 				      (char*)file->f_path.dentry->d_name.name,
2559
2727
 				      &p);
2560
2728
 	put_task_struct(task);
..
..
@@ -2612,7 +2780,9 @@
2612
2780
 	if (rv < 0)
2613
2781
 		goto out_free;
2614
2782
 
2615
-	rv = security_setprocattr(file->f_path.dentry->d_name.name, page, count);
2783
+	rv = security_setprocattr(PROC_I(inode)->op.lsm,
2784
+				  file->f_path.dentry->d_name.name, page,
2785
+				  count);
2616
2786
 	mutex_unlock(&current->signal->cred_guard_mutex);
2617
2787
 out_free:
2618
2788
 	kfree(page);
..
..
@@ -2628,13 +2798,66 @@
2628
2798
 	.release	= mem_release,
2629
2799
 };
2630
2800
 
2801
+#define LSM_DIR_OPS(LSM) \
2802
+static int proc_##LSM##_attr_dir_iterate(struct file *filp, \
2803
+			     struct dir_context *ctx) \
2804
+{ \
2805
+	return proc_pident_readdir(filp, ctx, \
2806
+				   LSM##_attr_dir_stuff, \
2807
+				   ARRAY_SIZE(LSM##_attr_dir_stuff)); \
2808
+} \
2809
+\
2810
+static const struct file_operations proc_##LSM##_attr_dir_ops = { \
2811
+	.read		= generic_read_dir, \
2812
+	.iterate	= proc_##LSM##_attr_dir_iterate, \
2813
+	.llseek		= default_llseek, \
2814
+}; \
2815
+\
2816
+static struct dentry *proc_##LSM##_attr_dir_lookup(struct inode *dir, \
2817
+				struct dentry *dentry, unsigned int flags) \
2818
+{ \
2819
+	return proc_pident_lookup(dir, dentry, \
2820
+				  LSM##_attr_dir_stuff, \
2821
+				  LSM##_attr_dir_stuff + ARRAY_SIZE(LSM##_attr_dir_stuff)); \
2822
+} \
2823
+\
2824
+static const struct inode_operations proc_##LSM##_attr_dir_inode_ops = { \
2825
+	.lookup		= proc_##LSM##_attr_dir_lookup, \
2826
+	.getattr	= pid_getattr, \
2827
+	.setattr	= proc_setattr, \
2828
+}
2829
+
2830
+#ifdef CONFIG_SECURITY_SMACK
2831
+static const struct pid_entry smack_attr_dir_stuff[] = {
2832
+	ATTR("smack", "current",	0666),
2833
+};
2834
+LSM_DIR_OPS(smack);
2835
+#endif
2836
+
2837
+#ifdef CONFIG_SECURITY_APPARMOR
2838
+static const struct pid_entry apparmor_attr_dir_stuff[] = {
2839
+	ATTR("apparmor", "current",	0666),
2840
+	ATTR("apparmor", "prev",	0444),
2841
+	ATTR("apparmor", "exec",	0666),
2842
+};
2843
+LSM_DIR_OPS(apparmor);
2844
+#endif
2845
+
2631
2846
 static const struct pid_entry attr_dir_stuff[] = {
2632
-	REG("current",    S_IRUGO|S_IWUGO, proc_pid_attr_operations),
2633
-	REG("prev",       S_IRUGO,	   proc_pid_attr_operations),
2634
-	REG("exec",       S_IRUGO|S_IWUGO, proc_pid_attr_operations),
2635
-	REG("fscreate",   S_IRUGO|S_IWUGO, proc_pid_attr_operations),
2636
-	REG("keycreate",  S_IRUGO|S_IWUGO, proc_pid_attr_operations),
2637
-	REG("sockcreate", S_IRUGO|S_IWUGO, proc_pid_attr_operations),
2847
+	ATTR(NULL, "current",		0666),
2848
+	ATTR(NULL, "prev",		0444),
2849
+	ATTR(NULL, "exec",		0666),
2850
+	ATTR(NULL, "fscreate",		0666),
2851
+	ATTR(NULL, "keycreate",		0666),
2852
+	ATTR(NULL, "sockcreate",	0666),
2853
+#ifdef CONFIG_SECURITY_SMACK
2854
+	DIR("smack",			0555,
2855
+	    proc_smack_attr_dir_inode_ops, proc_smack_attr_dir_ops),
2856
+#endif
2857
+#ifdef CONFIG_SECURITY_APPARMOR
2858
+	DIR("apparmor",			0555,
2859
+	    proc_apparmor_attr_dir_inode_ops, proc_apparmor_attr_dir_ops),
2860
+#endif
2638
2861
 };
2639
2862
 
2640
2863
 static int proc_attr_dir_readdir(struct file *file, struct dir_context *ctx)
..
..
@@ -2653,7 +2876,8 @@
2653
2876
 				struct dentry *dentry, unsigned int flags)
2654
2877
 {
2655
2878
 	return proc_pident_lookup(dir, dentry,
2656
-				  attr_dir_stuff, ARRAY_SIZE(attr_dir_stuff));
2879
+				  attr_dir_stuff,
2880
+				  attr_dir_stuff + ARRAY_SIZE(attr_dir_stuff));
2657
2881
 }
2658
2882
 
2659
2883
 static const struct inode_operations proc_attr_dir_inode_operations = {
..
..
@@ -2748,7 +2972,7 @@
2748
2972
 	unsigned long flags;
2749
2973
 	int result;
2750
2974
 
2751
-	result = mutex_lock_killable(&task->signal->cred_guard_mutex);
2975
+	result = down_read_killable(&task->signal->exec_update_lock);
2752
2976
 	if (result)
2753
2977
 		return result;
2754
2978
 
..
..
@@ -2784,7 +3008,7 @@
2784
3008
 	result = 0;
2785
3009
 
2786
3010
 out_unlock:
2787
-	mutex_unlock(&task->signal->cred_guard_mutex);
3011
+	up_read(&task->signal->exec_update_lock);
2788
3012
 	return result;
2789
3013
 }
2790
3014
 
..
..
@@ -2953,6 +3177,21 @@
2953
3177
 }
2954
3178
 #endif /* CONFIG_LIVEPATCH */
2955
3179
 
3180
+#ifdef CONFIG_STACKLEAK_METRICS
3181
+static int proc_stack_depth(struct seq_file *m, struct pid_namespace *ns,
3182
+				struct pid *pid, struct task_struct *task)
3183
+{
3184
+	unsigned long prev_depth = THREAD_SIZE -
3185
+				(task->prev_lowest_stack & (THREAD_SIZE - 1));
3186
+	unsigned long depth = THREAD_SIZE -
3187
+				(task->lowest_stack & (THREAD_SIZE - 1));
3188
+
3189
+	seq_printf(m, "previous stack depth: %lu\nstack depth: %lu\n",
3190
+							prev_depth, depth);
3191
+	return 0;
3192
+}
3193
+#endif /* CONFIG_STACKLEAK_METRICS */
3194
+
2956
3195
 /*
2957
3196
  * Thread groups
2958
3197
  */
..
..
@@ -2963,7 +3202,7 @@
2963
3202
 	DIR("task",       S_IRUGO|S_IXUGO, proc_task_inode_operations, proc_task_operations),
2964
3203
 	DIR("fd",         S_IRUSR|S_IXUSR, proc_fd_inode_operations, proc_fd_operations),
2965
3204
 	DIR("map_files",  S_IRUSR|S_IXUSR, proc_map_files_inode_operations, proc_map_files_operations),
2966
-	DIR("fdinfo",     S_IRUSR|S_IXUSR, proc_fdinfo_inode_operations, proc_fdinfo_operations),
3205
+	DIR("fdinfo",     S_IRUGO|S_IXUGO, proc_fdinfo_inode_operations, proc_fdinfo_operations),
2967
3206
 	DIR("ns",	  S_IRUSR|S_IXUGO, proc_ns_dir_inode_operations, proc_ns_dir_operations),
2968
3207
 #ifdef CONFIG_NET
2969
3208
 	DIR("net",        S_IRUGO|S_IXUGO, proc_net_inode_operations, proc_net_operations),
..
..
@@ -2978,6 +3217,9 @@
2978
3217
 #endif
2979
3218
 #ifdef CONFIG_SCHED_AUTOGROUP
2980
3219
 	REG("autogroup",  S_IRUGO|S_IWUSR, proc_pid_sched_autogroup_operations),
3220
+#endif
3221
+#ifdef CONFIG_TIME_NS
3222
+	REG("timens_offsets",  S_IRUGO|S_IWUSR, proc_timens_offsets_operations),
2981
3223
 #endif
2982
3224
 	REG("comm",      S_IRUGO|S_IWUSR, proc_pid_set_comm_operations),
2983
3225
 #ifdef CONFIG_HAVE_ARCH_TRACEHOOK
..
..
@@ -3024,10 +3266,13 @@
3024
3266
 #ifdef CONFIG_CGROUPS
3025
3267
 	ONE("cgroup",  S_IRUGO, proc_cgroup_show),
3026
3268
 #endif
3269
+#ifdef CONFIG_PROC_CPU_RESCTRL
3270
+	ONE("cpu_resctrl_groups", S_IRUGO, proc_resctrl_show),
3271
+#endif
3027
3272
 	ONE("oom_score",  S_IRUGO, proc_oom_score),
3028
3273
 	REG("oom_adj",    S_IRUGO|S_IWUSR, proc_oom_adj_operations),
3029
3274
 	REG("oom_score_adj", S_IRUGO|S_IWUSR, proc_oom_score_adj_operations),
3030
-#ifdef CONFIG_AUDITSYSCALL
3275
+#ifdef CONFIG_AUDIT
3031
3276
 	REG("loginuid",   S_IWUSR|S_IRUGO, proc_loginuid_operations),
3032
3277
 	REG("sessionid",  S_IRUGO, proc_sessionid_operations),
3033
3278
 #endif
..
..
@@ -3057,6 +3302,12 @@
3057
3302
 #ifdef CONFIG_CPU_FREQ_TIMES
3058
3303
 	ONE("time_in_state", 0444, proc_time_in_state_show),
3059
3304
 #endif
3305
+#ifdef CONFIG_STACKLEAK_METRICS
3306
+	ONE("stack_depth", S_IRUGO, proc_stack_depth),
3307
+#endif
3308
+#ifdef CONFIG_PROC_PID_ARCH_STATUS
3309
+	ONE("arch_status", S_IRUGO, proc_pid_arch_status),
3310
+#endif
3060
3311
 };
3061
3312
 
3062
3313
 static int proc_tgid_base_readdir(struct file *file, struct dir_context *ctx)
..
..
@@ -3073,8 +3324,7 @@
3073
3324
 
3074
3325
 struct pid *tgid_pidfd_to_pid(const struct file *file)
3075
3326
 {
3076
-	if (!d_is_dir(file->f_path.dentry) ||
3077
-	    (file->f_op != &proc_tgid_base_operations))
3327
+	if (file->f_op != &proc_tgid_base_operations)
3078
3328
 		return ERR_PTR(-EBADF);
3079
3329
 
3080
3330
 	return proc_pid(file_inode(file));
..
..
@@ -3083,7 +3333,8 @@
3083
3333
 static struct dentry *proc_tgid_base_lookup(struct inode *dir, struct dentry *dentry, unsigned int flags)
3084
3334
 {
3085
3335
 	return proc_pident_lookup(dir, dentry,
3086
-				  tgid_base_stuff, ARRAY_SIZE(tgid_base_stuff));
3336
+				  tgid_base_stuff,
3337
+				  tgid_base_stuff + ARRAY_SIZE(tgid_base_stuff));
3087
3338
 }
3088
3339
 
3089
3340
 static const struct inode_operations proc_tgid_base_inode_operations = {
..
..
@@ -3093,90 +3344,28 @@
3093
3344
 	.permission	= proc_pid_permission,
3094
3345
 };
3095
3346
 
3096
-static void proc_flush_task_mnt(struct vfsmount *mnt, pid_t pid, pid_t tgid)
3097
-{
3098
-	struct dentry *dentry, *leader, *dir;
3099
-	char buf[10 + 1];
3100
-	struct qstr name;
3101
-
3102
-	name.name = buf;
3103
-	name.len = snprintf(buf, sizeof(buf), "%u", pid);
3104
-	/* no ->d_hash() rejects on procfs */
3105
-	dentry = d_hash_and_lookup(mnt->mnt_root, &name);
3106
-	if (dentry) {
3107
-		d_invalidate(dentry);
3108
-		dput(dentry);
3109
-	}
3110
-
3111
-	if (pid == tgid)
3112
-		return;
3113
-
3114
-	name.name = buf;
3115
-	name.len = snprintf(buf, sizeof(buf), "%u", tgid);
3116
-	leader = d_hash_and_lookup(mnt->mnt_root, &name);
3117
-	if (!leader)
3118
-		goto out;
3119
-
3120
-	name.name = "task";
3121
-	name.len = strlen(name.name);
3122
-	dir = d_hash_and_lookup(leader, &name);
3123
-	if (!dir)
3124
-		goto out_put_leader;
3125
-
3126
-	name.name = buf;
3127
-	name.len = snprintf(buf, sizeof(buf), "%u", pid);
3128
-	dentry = d_hash_and_lookup(dir, &name);
3129
-	if (dentry) {
3130
-		d_invalidate(dentry);
3131
-		dput(dentry);
3132
-	}
3133
-
3134
-	dput(dir);
3135
-out_put_leader:
3136
-	dput(leader);
3137
-out:
3138
-	return;
3139
-}
3140
-
3141
3347
 /**
3142
- * proc_flush_task -  Remove dcache entries for @task from the /proc dcache.
3143
- * @task: task that should be flushed.
3348
+ * proc_flush_pid -  Remove dcache entries for @pid from the /proc dcache.
3349
+ * @pid: pid that should be flushed.
3144
3350
  *
3145
- * When flushing dentries from proc, one needs to flush them from global
3146
- * proc (proc_mnt) and from all the namespaces' procs this task was seen
3147
- * in. This call is supposed to do all of this job.
3148
- *
3149
- * Looks in the dcache for
3150
- * /proc/@pid
3151
- * /proc/@tgid/task/@pid
3152
- * if either directory is present flushes it and all of it'ts children
3153
- * from the dcache.
3351
+ * This function walks a list of inodes (that belong to any proc
3352
+ * filesystem) that are attached to the pid and flushes them from
3353
+ * the dentry cache.
3154
3354
  *
3155
3355
  * It is safe and reasonable to cache /proc entries for a task until
3156
3356
  * that task exits.  After that they just clog up the dcache with
3157
3357
  * useless entries, possibly causing useful dcache entries to be
3158
- * flushed instead.  This routine is proved to flush those useless
3159
- * dcache entries at process exit time.
3358
+ * flushed instead.  This routine is provided to flush those useless
3359
+ * dcache entries when a process is reaped.
3160
3360
  *
3161
3361
  * NOTE: This routine is just an optimization so it does not guarantee
3162
- *       that no dcache entries will exist at process exit time it
3163
- *       just makes it very unlikely that any will persist.
3362
+ *       that no dcache entries will exist after a process is reaped
3363
+ *       it just makes it very unlikely that any will persist.
3164
3364
  */
3165
3365
 
3166
-void proc_flush_task(struct task_struct *task)
3366
+void proc_flush_pid(struct pid *pid)
3167
3367
 {
3168
-	int i;
3169
-	struct pid *pid, *tgid;
3170
-	struct upid *upid;
3171
-
3172
-	pid = task_pid(task);
3173
-	tgid = task_tgid(task);
3174
-
3175
-	for (i = 0; i <= pid->level; i++) {
3176
-		upid = &pid->numbers[i];
3177
-		proc_flush_task_mnt(upid->ns->proc_mnt, upid->nr,
3178
-					tgid->numbers[i].nr);
3179
-	}
3368
+	proc_invalidate_siblings_dcache(&pid->inodes, &pid->lock);
3180
3369
 }
3181
3370
 
3182
3371
 static struct dentry *proc_pid_instantiate(struct dentry * dentry,
..
..
@@ -3184,7 +3373,8 @@
3184
3373
 {
3185
3374
 	struct inode *inode;
3186
3375
 
3187
-	inode = proc_pid_make_inode(dentry->d_sb, task, S_IFDIR | S_IRUGO | S_IXUGO);
3376
+	inode = proc_pid_make_base_inode(dentry->d_sb, task,
3377
+					 S_IFDIR | S_IRUGO | S_IXUGO);
3188
3378
 	if (!inode)
3189
3379
 		return ERR_PTR(-ENOENT);
3190
3380
 
..
..
@@ -3199,10 +3389,11 @@
3199
3389
 	return d_splice_alias(inode, dentry);
3200
3390
 }
3201
3391
 
3202
-struct dentry *proc_pid_lookup(struct inode *dir, struct dentry * dentry, unsigned int flags)
3392
+struct dentry *proc_pid_lookup(struct dentry *dentry, unsigned int flags)
3203
3393
 {
3204
3394
 	struct task_struct *task;
3205
3395
 	unsigned tgid;
3396
+	struct proc_fs_info *fs_info;
3206
3397
 	struct pid_namespace *ns;
3207
3398
 	struct dentry *result = ERR_PTR(-ENOENT);
3208
3399
 
..
..
@@ -3210,7 +3401,8 @@
3210
3401
 	if (tgid == ~0U)
3211
3402
 		goto out;
3212
3403
 
3213
-	ns = dentry->d_sb->s_fs_info;
3404
+	fs_info = proc_sb_info(dentry->d_sb);
3405
+	ns = fs_info->pid_ns;
3214
3406
 	rcu_read_lock();
3215
3407
 	task = find_task_by_pid_ns(tgid, ns);
3216
3408
 	if (task)
..
..
@@ -3219,7 +3411,14 @@
3219
3411
 	if (!task)
3220
3412
 		goto out;
3221
3413
 
3414
+	/* Limit procfs to only ptraceable tasks */
3415
+	if (fs_info->hide_pid == HIDEPID_NOT_PTRACEABLE) {
3416
+		if (!has_pid_permissions(fs_info, task, HIDEPID_NO_ACCESS))
3417
+			goto out_put_task;
3418
+	}
3419
+
3222
3420
 	result = proc_pid_instantiate(dentry, task, NULL);
3421
+out_put_task:
3223
3422
 	put_task_struct(task);
3224
3423
 out:
3225
3424
 	return result;
..
..
@@ -3245,20 +3444,8 @@
3245
3444
 	pid = find_ge_pid(iter.tgid, ns);
3246
3445
 	if (pid) {
3247
3446
 		iter.tgid = pid_nr_ns(pid, ns);
3248
-		iter.task = pid_task(pid, PIDTYPE_PID);
3249
-		/* What we to know is if the pid we have find is the
3250
-		 * pid of a thread_group_leader.  Testing for task
3251
-		 * being a thread_group_leader is the obvious thing
3252
-		 * todo but there is a window when it fails, due to
3253
-		 * the pid transfer logic in de_thread.
3254
-		 *
3255
-		 * So we perform the straight forward test of seeing
3256
-		 * if the pid we have found is the pid of a thread
3257
-		 * group leader, and don't worry if the task we have
3258
-		 * found doesn't happen to be a thread group leader.
3259
-		 * As we don't care in the case of readdir.
3260
-		 */
3261
-		if (!iter.task || !has_group_leader_pid(iter.task)) {
3447
+		iter.task = pid_task(pid, PIDTYPE_TGID);
3448
+		if (!iter.task) {
3262
3449
 			iter.tgid += 1;
3263
3450
 			goto retry;
3264
3451
 		}
..
..
@@ -3274,20 +3461,21 @@
3274
3461
 int proc_pid_readdir(struct file *file, struct dir_context *ctx)
3275
3462
 {
3276
3463
 	struct tgid_iter iter;
3277
-	struct pid_namespace *ns = proc_pid_ns(file_inode(file));
3464
+	struct proc_fs_info *fs_info = proc_sb_info(file_inode(file)->i_sb);
3465
+	struct pid_namespace *ns = proc_pid_ns(file_inode(file)->i_sb);
3278
3466
 	loff_t pos = ctx->pos;
3279
3467
 
3280
3468
 	if (pos >= PID_MAX_LIMIT + TGID_OFFSET)
3281
3469
 		return 0;
3282
3470
 
3283
3471
 	if (pos == TGID_OFFSET - 2) {
3284
-		struct inode *inode = d_inode(ns->proc_self);
3472
+		struct inode *inode = d_inode(fs_info->proc_self);
3285
3473
 		if (!dir_emit(ctx, "self", 4, inode->i_ino, DT_LNK))
3286
3474
 			return 0;
3287
3475
 		ctx->pos = pos = pos + 1;
3288
3476
 	}
3289
3477
 	if (pos == TGID_OFFSET - 1) {
3290
-		struct inode *inode = d_inode(ns->proc_thread_self);
3478
+		struct inode *inode = d_inode(fs_info->proc_thread_self);
3291
3479
 		if (!dir_emit(ctx, "thread-self", 11, inode->i_ino, DT_LNK))
3292
3480
 			return 0;
3293
3481
 		ctx->pos = pos = pos + 1;
..
..
@@ -3301,7 +3489,7 @@
3301
3489
 		unsigned int len;
3302
3490
 
3303
3491
 		cond_resched();
3304
-		if (!has_pid_permissions(ns, iter.task, HIDEPID_INVISIBLE))
3492
+		if (!has_pid_permissions(fs_info, iter.task, HIDEPID_INVISIBLE))
3305
3493
 			continue;
3306
3494
 
3307
3495
 		len = snprintf(name, sizeof(name), "%u", iter.tgid);
..
..
@@ -3351,7 +3539,8 @@
3351
3539
 }
3352
3540
 
3353
3541
 static const struct inode_operations proc_tid_comm_inode_operations = {
3354
-		.permission = proc_tid_comm_permission,
3542
+		.setattr	= proc_setattr,
3543
+		.permission	= proc_tid_comm_permission,
3355
3544
 };
3356
3545
 
3357
3546
 /*
..
..
@@ -3359,7 +3548,7 @@
3359
3548
  */
3360
3549
 static const struct pid_entry tid_base_stuff[] = {
3361
3550
 	DIR("fd",        S_IRUSR|S_IXUSR, proc_fd_inode_operations, proc_fd_operations),
3362
-	DIR("fdinfo",    S_IRUSR|S_IXUSR, proc_fdinfo_inode_operations, proc_fdinfo_operations),
3551
+	DIR("fdinfo",    S_IRUGO|S_IXUGO, proc_fdinfo_inode_operations, proc_fdinfo_operations),
3363
3552
 	DIR("ns",	 S_IRUSR|S_IXUGO, proc_ns_dir_inode_operations, proc_ns_dir_operations),
3364
3553
 #ifdef CONFIG_NET
3365
3554
 	DIR("net",        S_IRUGO|S_IXUGO, proc_net_inode_operations, proc_net_operations),
..
..
@@ -3421,10 +3610,13 @@
3421
3610
 #ifdef CONFIG_CGROUPS
3422
3611
 	ONE("cgroup",  S_IRUGO, proc_cgroup_show),
3423
3612
 #endif
3613
+#ifdef CONFIG_PROC_CPU_RESCTRL
3614
+	ONE("cpu_resctrl_groups", S_IRUGO, proc_resctrl_show),
3615
+#endif
3424
3616
 	ONE("oom_score", S_IRUGO, proc_oom_score),
3425
3617
 	REG("oom_adj",   S_IRUGO|S_IWUSR, proc_oom_adj_operations),
3426
3618
 	REG("oom_score_adj", S_IRUGO|S_IWUSR, proc_oom_score_adj_operations),
3427
-#ifdef CONFIG_AUDITSYSCALL
3619
+#ifdef CONFIG_AUDIT
3428
3620
 	REG("loginuid",  S_IWUSR|S_IRUGO, proc_loginuid_operations),
3429
3621
 	REG("sessionid",  S_IRUGO, proc_sessionid_operations),
3430
3622
 #endif
..
..
@@ -3444,6 +3636,9 @@
3444
3636
 #ifdef CONFIG_LIVEPATCH
3445
3637
 	ONE("patch_state",  S_IRUSR, proc_pid_patch_state),
3446
3638
 #endif
3639
+#ifdef CONFIG_PROC_PID_ARCH_STATUS
3640
+	ONE("arch_status", S_IRUGO, proc_pid_arch_status),
3641
+#endif
3447
3642
 #ifdef CONFIG_CPU_FREQ_TIMES
3448
3643
 	ONE("time_in_state", 0444, proc_time_in_state_show),
3449
3644
 #endif
..
..
@@ -3458,7 +3653,8 @@
3458
3653
 static struct dentry *proc_tid_base_lookup(struct inode *dir, struct dentry *dentry, unsigned int flags)
3459
3654
 {
3460
3655
 	return proc_pident_lookup(dir, dentry,
3461
-				  tid_base_stuff, ARRAY_SIZE(tid_base_stuff));
3656
+				  tid_base_stuff,
3657
+				  tid_base_stuff + ARRAY_SIZE(tid_base_stuff));
3462
3658
 }
3463
3659
 
3464
3660
 static const struct file_operations proc_tid_base_operations = {
..
..
@@ -3477,7 +3673,8 @@
3477
3673
 	struct task_struct *task, const void *ptr)
3478
3674
 {
3479
3675
 	struct inode *inode;
3480
-	inode = proc_pid_make_inode(dentry->d_sb, task, S_IFDIR | S_IRUGO | S_IXUGO);
3676
+	inode = proc_pid_make_base_inode(dentry->d_sb, task,
3677
+					 S_IFDIR | S_IRUGO | S_IXUGO);
3481
3678
 	if (!inode)
3482
3679
 		return ERR_PTR(-ENOENT);
3483
3680
 
..
..
@@ -3497,6 +3694,7 @@
3497
3694
 	struct task_struct *task;
3498
3695
 	struct task_struct *leader = get_proc_task(dir);
3499
3696
 	unsigned tid;
3697
+	struct proc_fs_info *fs_info;
3500
3698
 	struct pid_namespace *ns;
3501
3699
 	struct dentry *result = ERR_PTR(-ENOENT);
3502
3700
 
..
..
@@ -3507,7 +3705,8 @@
3507
3705
 	if (tid == ~0U)
3508
3706
 		goto out;
3509
3707
 
3510
-	ns = dentry->d_sb->s_fs_info;
3708
+	fs_info = proc_sb_info(dentry->d_sb);
3709
+	ns = fs_info->pid_ns;
3511
3710
 	rcu_read_lock();
3512
3711
 	task = find_task_by_pid_ns(tid, ns);
3513
3712
 	if (task)
..
..
@@ -3621,7 +3820,7 @@
3621
3820
 	/* f_version caches the tgid value that the last readdir call couldn't
3622
3821
 	 * return. lseek aka telldir automagically resets f_version to 0.
3623
3822
 	 */
3624
-	ns = proc_pid_ns(inode);
3823
+	ns = proc_pid_ns(inode->i_sb);
3625
3824
 	tid = (int)file->f_version;
3626
3825
 	file->f_version = 0;
3627
3826
 	for (task = first_tid(proc_pid(inode), tid, ctx->pos - 2, ns);