On 10/8/18 6:50 PM, Ahmad Fatoum wrote:
> The referenced commit 1da4d377f94 ("proc: revalidate misc dentries")
> caused following userspace code to access a stale /proc/net/dev
> after the network namespace was changed:
>
> system("ip netns add testns");
>
> printf("default:\n"); {
> int devinfd = open("/proc/net/dev", O_RDONLY);
> sendfile(STDOUT_FILENO, devinfd, NULL, 4096);
> close(devinfd);
> }
>
> printf("testns:\n"); {
> int ns_fd = open("/var/run/netns/testns", O_RDONLY);
> setns(ns_fd, 0);
>
> int devinfd = open("/proc/net/dev", O_RDONLY);
> sendfile(STDOUT_FILENO, devinfd, NULL, 4096);
> close(devinfd);
>
> close(ns_fd);
> }
>
> Despite switching the network namespace, the read access from the
> newly opened file gave back what the very first read in the default
> network namespace returned.
>
> This doesn't occur if /proc/net/dev is opened within a new process,
> which might explain why this wasn't noticed previously.
>
> As I don't see a reason why one would keep negative dentries for procfs
> at all, amend the code not to do this anymore.
>
> Fixes: 1da4d377f94 ("proc: Don't retain negative dentries")
This should read
Fixes: 1da4d377f94 ("proc: revalidate misc dentries")
instead...
