Skip to content

Commit f5364c1

Browse files
committed
Merge branch 'stacking-fixes' (vfs stacking fixes from Jann)
Merge filesystem stacking fixes from Jann Horn. * emailed patches from Jann Horn <jannh@google.com>: sched: panic on corrupted stack end ecryptfs: forbid opening files without mmap handler proc: prevent stacking filesystems on top
2 parents 33fc259 + 29d6455 commit f5364c1

File tree

3 files changed

+20
-3
lines changed

3 files changed

+20
-3
lines changed

Diff for: fs/ecryptfs/kthread.c

+11-2
Original file line numberDiff line numberDiff line change
@@ -25,6 +25,7 @@
2525
#include <linux/slab.h>
2626
#include <linux/wait.h>
2727
#include <linux/mount.h>
28+
#include <linux/file.h>
2829
#include "ecryptfs_kernel.h"
2930

3031
struct ecryptfs_open_req {
@@ -147,7 +148,7 @@ int ecryptfs_privileged_open(struct file **lower_file,
147148
flags |= IS_RDONLY(d_inode(lower_dentry)) ? O_RDONLY : O_RDWR;
148149
(*lower_file) = dentry_open(&req.path, flags, cred);
149150
if (!IS_ERR(*lower_file))
150-
goto out;
151+
goto have_file;
151152
if ((flags & O_ACCMODE) == O_RDONLY) {
152153
rc = PTR_ERR((*lower_file));
153154
goto out;
@@ -165,8 +166,16 @@ int ecryptfs_privileged_open(struct file **lower_file,
165166
mutex_unlock(&ecryptfs_kthread_ctl.mux);
166167
wake_up(&ecryptfs_kthread_ctl.wait);
167168
wait_for_completion(&req.done);
168-
if (IS_ERR(*lower_file))
169+
if (IS_ERR(*lower_file)) {
169170
rc = PTR_ERR(*lower_file);
171+
goto out;
172+
}
173+
have_file:
174+
if ((*lower_file)->f_op->mmap == NULL) {
175+
fput(*lower_file);
176+
*lower_file = NULL;
177+
rc = -EMEDIUMTYPE;
178+
}
170179
out:
171180
return rc;
172181
}

Diff for: fs/proc/root.c

+7
Original file line numberDiff line numberDiff line change
@@ -121,6 +121,13 @@ static struct dentry *proc_mount(struct file_system_type *fs_type,
121121
if (IS_ERR(sb))
122122
return ERR_CAST(sb);
123123

124+
/*
125+
* procfs isn't actually a stacking filesystem; however, there is
126+
* too much magic going on inside it to permit stacking things on
127+
* top of it
128+
*/
129+
sb->s_stack_depth = FILESYSTEM_MAX_STACK_DEPTH;
130+
124131
if (!proc_parse_options(options, ns)) {
125132
deactivate_locked_super(sb);
126133
return ERR_PTR(-EINVAL);

Diff for: kernel/sched/core.c

+2-1
Original file line numberDiff line numberDiff line change
@@ -3170,7 +3170,8 @@ static noinline void __schedule_bug(struct task_struct *prev)
31703170
static inline void schedule_debug(struct task_struct *prev)
31713171
{
31723172
#ifdef CONFIG_SCHED_STACK_END_CHECK
3173-
BUG_ON(task_stack_end_corrupted(prev));
3173+
if (task_stack_end_corrupted(prev))
3174+
panic("corrupted stack end detected inside scheduler\n");
31743175
#endif
31753176

31763177
if (unlikely(in_atomic_preempt_off())) {

0 commit comments

Comments
 (0)