files-reg: restore PR_SET_DUMPABLE flag after setfsuid

Restore dumpable flag after setfsuid to assure that created /proc/self/*
file inode had task's credentials. Without it it would have root creds
and trying to access proc files of task will fail from non-root user
in generic vfs permission check.
Signed-off-by: Dmitry Safonov <dsafonov@odin.com>
Acked-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>

files-reg.c

@@ -1091,7 +1091,7 @@ static int linkat_hard(int odir, char *opath, int ndir, char *npath, uid_t owner
 
 	if (root_ns_mask & CLONE_NEWUSER) {
 		setfsuid(old_fsuid);
-		if (setfsuid(-1) != old_fsuid)
+		if (setfsuid(-1) != old_fsuid) {
 			pr_warn("Failed to restore old fsuid!\n");
 			/*
 			 * Don't fail here. We still have chances to run till
@@ -1099,6 +1099,15 @@ static int linkat_hard(int odir, char *opath, int ndir, char *npath, uid_t owner
 			 * the proper fsuid, then we'll abort the restore.
 			 */
 		}
+
+		/*
+		 * Restoring PR_SET_DUMPABLE flag is required after setfsuid,
+		 * as if it not set, proc inode will be created with root cred
+		 * (see proc_pid_make_inode), which will result in permission
+		 * check fail when trying to access files in /proc/self/
+		 */
+		prctl(PR_SET_DUMPABLE, 1, 0);
+	}
 	errno = errno_save;
 
 	return ret;