diff options
| author | Christian Brauner <[email protected]> | 2025-02-12 11:24:28 +0000 |
|---|---|---|
| committer | Christian Brauner <[email protected]> | 2025-02-12 11:24:28 +0000 |
| commit | 240189294fbc9550f5cd7ae9b446ad3cf3c5386a (patch) | |
| tree | ea319503941c20f2f91a91796695a760a73df662 /fs/netfs/write_retry.c | |
| parent | Linux 6.14-rc2 (diff) | |
| parent | acct: block access to kernel internal filesystems (diff) | |
| download | kernel-240189294fbc9550f5cd7ae9b446ad3cf3c5386a.tar.gz kernel-240189294fbc9550f5cd7ae9b446ad3cf3c5386a.zip | |
Merge patch series "acct: don't allow access to internal filesystems"
Christian Brauner <[email protected]> says:
In [1] it was reported that the acct(2) system call can be used to
trigger a NULL deref in cases where it is set to write to a file that
triggers an internal lookup.
This can e.g., happen when pointing acct(2) to /sys/power/resume. At the
point the where the write to this file happens the calling task has
already exited and called exit_fs() but an internal lookup might be
triggered through lookup_bdev(). This may trigger a NULL-deref
when accessing current->fs.
This series does two things:
- Reorganize the code so that the the final write happens from the
workqueue but with the caller's credentials. This preserves the
(strange) permission model and has almost no regression risk.
- Block access to kernel internal filesystems as well as procfs and
sysfs in the first place.
This api should stop to exist imho.
Link: https://lore.kernel.org/r/[email protected] [1]
* patches from https://lore.kernel.org/r/[email protected]:
acct: block access to kernel internal filesystems
acct: perform last write from workqueue
Link: https://lore.kernel.org/r/[email protected]
Signed-off-by: Christian Brauner <[email protected]>
Diffstat (limited to 'fs/netfs/write_retry.c')
0 files changed, 0 insertions, 0 deletions