diff options
| author | Christian Brauner <brauner@kernel.org> | 2025-02-11 18:16:00 +0100 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2025-02-27 04:30:23 -0800 |
| commit | ef5f11be76967b948b3d94dd026421c75e971010 (patch) | |
| tree | ab44533ab68aeaaa506c32d1e978e514e9231154 /kernel | |
| parent | 5a59ced8ffc71973d42c82484a719c8f6ac8f7f7 (diff) | |
| download | linux-ef5f11be76967b948b3d94dd026421c75e971010.tar.gz linux-ef5f11be76967b948b3d94dd026421c75e971010.tar.bz2 linux-ef5f11be76967b948b3d94dd026421c75e971010.zip | |
acct: block access to kernel internal filesystems
commit 890ed45bde808c422c3c27d3285fc45affa0f930 upstream.
There's no point in allowing anything kernel internal nor procfs or
sysfs.
Link: https://lore.kernel.org/r/20250127091811.3183623-1-quzicheng@huawei.com
Link: https://lore.kernel.org/r/20250211-work-acct-v1-2-1c16aecab8b3@kernel.org
Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
Reviewed-by: Amir Goldstein <amir73il@gmail.com>
Reported-by: Zicheng Qu <quzicheng@huawei.com>
Cc: stable@vger.kernel.org
Signed-off-by: Christian Brauner <brauner@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'kernel')
| -rw-r--r-- | kernel/acct.c | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/kernel/acct.c b/kernel/acct.c index 5bab78747ed3..d9d55fa4d01a 100644 --- a/kernel/acct.c +++ b/kernel/acct.c @@ -243,6 +243,20 @@ static int acct_on(struct filename *pathname) return -EACCES; } + /* Exclude kernel kernel internal filesystems. */ + if (file_inode(file)->i_sb->s_flags & (SB_NOUSER | SB_KERNMOUNT)) { + kfree(acct); + filp_close(file, NULL); + return -EINVAL; + } + + /* Exclude procfs and sysfs. */ + if (file_inode(file)->i_sb->s_iflags & SB_I_USERNS_VISIBLE) { + kfree(acct); + filp_close(file, NULL); + return -EINVAL; + } + if (!(file->f_mode & FMODE_CAN_WRITE)) { kfree(acct); filp_close(file, NULL); |