diff options
| author | Stefan Berger <[email protected]> | 2023-10-02 08:57:33 -0400 |
|---|---|---|
| committer | Christian Brauner <[email protected]> | 2023-11-18 14:54:07 +0100 |
| commit | 8a924db2d7b5eb69ba08b1a0af46e9f1359a9bdf (patch) | |
| tree | b404e6c0538df7026450f53cad24ffd0fe22c193 /include/uapi/linux | |
| parent | b85ea95d086471afb4ad062012a4d73cd328fa86 (diff) | |
fs: Pass AT_GETATTR_NOSEC flag to getattr interface function
When vfs_getattr_nosec() calls a filesystem's getattr interface function
then the 'nosec' should propagate into this function so that
vfs_getattr_nosec() can again be called from the filesystem's gettattr
rather than vfs_getattr(). The latter would add unnecessary security
checks that the initial vfs_getattr_nosec() call wanted to avoid.
Therefore, introduce the getattr flag GETATTR_NOSEC and allow to pass
with the new getattr_flags parameter to the getattr interface function.
In overlayfs and ecryptfs use this flag to determine which one of the
two functions to call.
In a recent code change introduced to IMA vfs_getattr_nosec() ended up
calling vfs_getattr() in overlayfs, which in turn called
security_inode_getattr() on an exiting process that did not have
current->fs set anymore, which then caused a kernel NULL pointer
dereference. With this change the call to security_inode_getattr() can
be avoided, thus avoiding the NULL pointer dereference.
Reported-by: <[email protected]>
Fixes: db1d1e8b9867 ("IMA: use vfs_getattr_nosec to get the i_version")
Cc: Alexander Viro <[email protected]>
Cc: <[email protected]>
Cc: Miklos Szeredi <[email protected]>
Cc: Amir Goldstein <[email protected]>
Cc: Tyler Hicks <[email protected]>
Cc: Mimi Zohar <[email protected]>
Suggested-by: Christian Brauner <[email protected]>
Co-developed-by: Amir Goldstein <[email protected]>
Signed-off-by: Stefan Berger <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Reviewed-by: Amir Goldstein <[email protected]>
Signed-off-by: Christian Brauner <[email protected]>
Diffstat (limited to 'include/uapi/linux')
| -rw-r--r-- | include/uapi/linux/fcntl.h | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/include/uapi/linux/fcntl.h b/include/uapi/linux/fcntl.h index 6c80f96049bd..282e90aeb163 100644 --- a/include/uapi/linux/fcntl.h +++ b/include/uapi/linux/fcntl.h @@ -116,5 +116,8 @@ #define AT_HANDLE_FID AT_REMOVEDIR /* file handle is needed to compare object identity and may not be usable to open_by_handle_at(2) */ +#if defined(__KERNEL__) +#define AT_GETATTR_NOSEC 0x80000000 +#endif #endif /* _UAPI_LINUX_FCNTL_H */ |