Gh0st
/
linux
mirror of https://github.com/torvalds/linux.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

vfs-6.15-rc1.nsfs 

-----BEGIN PGP SIGNATURE-----
 
 iHUEABYKAB0WIQRAhzRXHqcMeLMyaSiRxhvAZXjcogUCZ90rXwAKCRCRxhvAZXjc
 ogrYAP4kWLzxD2IbBGSs5kBkKdc9qNGMtjrOn5InHm263vTpPwD/VYcOmyc3gScO
 e8hTBES3mYlzBpselh99HnGx5geMtAE=
 =+I5+
 -----END PGP SIGNATURE-----

Merge tag 'vfs-6.15-rc1.nsfs' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs

Pull vfs nsfs updates from Christian Brauner:
 "This contains non-urgent fixes for nsfs to validate ioctls before
  performing any relevant operations.

  We alredy did this for a few other filesystems last cycle"

* tag 'vfs-6.15-rc1.nsfs' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs:
  selftests/nsfs: add ioctl validation tests
  nsfs: validate ioctls
This commit is contained in:
Linus Torvalds 2025-03-24 11:38:12 -07:00
parent aaca83f7b1 58c6cbd97c
commit 74adf9e353
2 changed files with 45 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
fs/nsfs.c
View File

@ -151,19 +151,49 @@ static int copy_ns_info_to_user(const struct mnt_namespace *mnt_ns,
return 0; return 0;
} }
static bool nsfs_ioctl_valid(unsigned int cmd)
{
switch (cmd) {
case NS_GET_USERNS:
case NS_GET_PARENT:
case NS_GET_NSTYPE:
case NS_GET_OWNER_UID:
case NS_GET_MNTNS_ID:
case NS_GET_PID_FROM_PIDNS:
case NS_GET_TGID_FROM_PIDNS:
case NS_GET_PID_IN_PIDNS:
case NS_GET_TGID_IN_PIDNS:
return (_IOC_TYPE(cmd) == _IOC_TYPE(cmd));
}
/* Extensible ioctls require some extra handling. */
switch (_IOC_NR(cmd)) {
case _IOC_NR(NS_MNT_GET_INFO):
case _IOC_NR(NS_MNT_GET_NEXT):
case _IOC_NR(NS_MNT_GET_PREV):
return (_IOC_TYPE(cmd) == _IOC_TYPE(cmd));
}
return false;
}
static long ns_ioctl(struct file *filp, unsigned int ioctl, static long ns_ioctl(struct file *filp, unsigned int ioctl,
unsigned long arg) unsigned long arg)
{ {
struct user_namespace *user_ns; struct user_namespace *user_ns;
struct pid_namespace *pid_ns; struct pid_namespace *pid_ns;
struct task_struct *tsk; struct task_struct *tsk;
struct ns_common *ns = get_proc_ns(file_inode(filp)); struct ns_common *ns;
struct mnt_namespace *mnt_ns; struct mnt_namespace *mnt_ns;
bool previous = false; bool previous = false;
uid_t __user *argp; uid_t __user *argp;
uid_t uid; uid_t uid;
int ret; int ret;
if (!nsfs_ioctl_valid(ioctl))
return -ENOIOCTLCMD;
ns = get_proc_ns(file_inode(filp));
switch (ioctl) { switch (ioctl) {
case NS_GET_USERNS: case NS_GET_USERNS:
return open_related_ns(ns, ns_get_owner); return open_related_ns(ns, ns_get_owner);

14
tools/testing/selftests/filesystems/nsfs/iterate_mntns.c
View File

@ -3,6 +3,8 @@
#define _GNU_SOURCE #define _GNU_SOURCE
#include <fcntl.h> #include <fcntl.h>
#include <linux/auto_dev-ioctl.h>
#include <linux/errno.h>
#include <sched.h> #include <sched.h>
#include <stdio.h> #include <stdio.h>
#include <string.h> #include <string.h>
@ -146,4 +148,16 @@ TEST_F(iterate_mount_namespaces, iterate_backward)
} }
} }
TEST_F(iterate_mount_namespaces, nfs_valid_ioctl)
{
ASSERT_NE(ioctl(self->fd_mnt_ns[0], AUTOFS_DEV_IOCTL_OPENMOUNT, NULL), 0);
ASSERT_EQ(errno, ENOTTY);
ASSERT_NE(ioctl(self->fd_mnt_ns[0], AUTOFS_DEV_IOCTL_CLOSEMOUNT, NULL), 0);
ASSERT_EQ(errno, ENOTTY);
ASSERT_NE(ioctl(self->fd_mnt_ns[0], AUTOFS_DEV_IOCTL_READY, NULL), 0);
ASSERT_EQ(errno, ENOTTY);
}
TEST_HARNESS_MAIN TEST_HARNESS_MAIN