[SRU Focal 1/1] UBUNTU: SAUCE: Revert "proc: Check /proc/$pid/attr/ writes against file opener"

Thadeu Lima de Souza Cascardo cascardo at canonical.com
Wed Jun 30 18:35:47 UTC 2021

BugLink: https://bugs.launchpad.net/bugs/1934187

This reverts commit df6b75120b56beee7005eda0d5eb160bbb9dcf0b, which is
upstream commit bfb819ea20ce8bbeeba17e1a6418bf8bda91fc28.

This has been shown to cause failures with lxd, as the opener process had
different privileges than the writer, preventing lxd to be able to create
new processes inside a container when setting apparmor confinement.

Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo at canonical.com>
 fs/proc/base.c | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/fs/proc/base.c b/fs/proc/base.c
index 435aab2a91fa..1fa9d1796bf1 100644
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -2556,10 +2556,6 @@ static ssize_t proc_pid_attr_write(struct file * file, const char __user * buf,
 	void *page;
 	int rv;
-	/* A task may only write when it was the opener. */
-	if (file->f_cred != current_real_cred())
-		return -EPERM;
 	task = pid_task(proc_pid(inode), PIDTYPE_PID);
 	if (!task) {

More information about the kernel-team mailing list