anon_inode: raise SB_I_NODEV and SB_I_NOEXEC - kernel

diff options

author	Christian Brauner <[email protected]>	2025-04-07 09:54:19 +0000
committer	Christian Brauner <[email protected]>	2025-04-07 14:19:04 +0000
commit	1ed95281c0c77dbb1540f9855cd3c5f19900f7a5 (patch)
tree	d39e0d7ba60f81c957f41d187dc70e59f18a98a3 /tools/testing/selftests/filesystems/anon_inode_test.c
parent	pidfs: use anon_inode_setattr() (diff)
download	kernel-1ed95281c0c77dbb1540f9855cd3c5f19900f7a5.tar.gz kernel-1ed95281c0c77dbb1540f9855cd3c5f19900f7a5.zip

anon_inode: raise SB_I_NODEV and SB_I_NOEXEC

It isn't possible to execute anonymous inodes because they cannot be opened in any way after they have been created. This includes execution: execveat(fd_anon_inode, "", NULL, NULL, AT_EMPTY_PATH) Anonymous inodes have inode->f_op set to no_open_fops which sets no_open() which returns ENXIO. That means any call to do_dentry_open() which is the endpoint of the do_open_execat() will fail. There's no chance to execute an anonymous inode. Unless a given subsystem overrides it ofc. However, we should still harden this and raise SB_I_NODEV and SB_I_NOEXEC on the superblock itself so that no one gets any creative ideas. Link: https://lore.kernel.org/[email protected] Reviewed-by: Jeff Layton <[email protected]> Cc: [email protected] # all LTS kernels Signed-off-by: Christian Brauner <[email protected]>

Diffstat (limited to 'tools/testing/selftests/filesystems/anon_inode_test.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: