diff options
| author | KP Singh <kpsingh@kernel.org> | 2021-01-12 07:55:23 +0000 |
|---|---|---|
| committer | Daniel Borkmann <daniel@iogearbox.net> | 2021-01-12 16:07:57 +0100 |
| commit | 2f94ac19184665263b7a285ae88abe19dedf9c1b (patch) | |
| tree | 6123908e915c420e549f7c8f9682495b9a461f6c /kernel/bpf/cgroup.c | |
| parent | 84d571d46c7046a957ff3d1c916a1b9dcc7f1ce8 (diff) | |
bpf: Update local storage test to check handling of null ptrs
It was found in [1] that bpf_inode_storage_get helper did not check
the nullness of the passed owner ptr which caused an oops when
dereferenced. This change incorporates the example suggested in [1] into
the local storage selftest.
The test is updated to create a temporary directory instead of just
using a tempfile. In order to replicate the issue this copied rm binary
is renamed tiggering the inode_rename with a null pointer for the
new_inode. The logic to verify the setting and deletion of the inode
local storage of the old inode is also moved to this LSM hook.
The change also removes the copy_rm function and simply shells out
to copy files and recursively delete directories and consolidates the
logic of setting the initial inode storage to the bprm_committed_creds
hook and removes the file_open hook.
[1]: https://lore.kernel.org/bpf/CANaYP3HWkH91SN=wTNO9FL_2ztHfqcXKX38SSE-JJ2voh+vssw@mail.gmail.com
Suggested-by: Gilad Reti <gilad.reti@gmail.com>
Signed-off-by: KP Singh <kpsingh@kernel.org>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Yonghong Song <yhs@fb.com>
Link: https://lore.kernel.org/bpf/20210112075525.256820-2-kpsingh@kernel.org
Diffstat (limited to 'kernel/bpf/cgroup.c')
0 files changed, 0 insertions, 0 deletions