anon_inodefs: forbid open via /proc

open("/proc/pid/$anon-fd") should fail, we can't create the new file with
correct f_op/etc correctly.  Currently this creates the bogus file with
the empty anon_inode_fops, this is harmless but still wrong and
misleading.

Add anon_inode_fops->anon_open() which simply returns ENXIO like
sock_no_open() does in this case.

Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Cc: Andy Lutomirski <luto@amacapital.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>

diff --git a/fs/anon_inodes.c b/fs/anon_inodes.c
index 85c961849953c090091e2154cbf5618a62750b2f..0cfbe066a00e4ae3fd2fe13bac56ff0d9d00e2c0 100644 (file)
--- a/fs/anon_inodes.c
+++ b/fs/anon_inodes.c
@@ -24,7 +24,15 @@
 
 static struct vfsmount *anon_inode_mnt __read_mostly;
 static struct inode *anon_inode_inode;
-static const struct file_operations anon_inode_fops;
+
+static int anon_open(struct inode *inode, struct file *file)
+{
+       return -ENXIO;
+}
+
+static const struct file_operations anon_inode_fops = {
+       .open = anon_open,
+};
 
 /*
  * anon_inodefs_dname() is called from d_path().