linux/fs/overlayfs
Stefan Berger 3fb0fa0864 fs: Pass AT_GETATTR_NOSEC flag to getattr interface function
[ Upstream commit 8a924db2d7 ]

When vfs_getattr_nosec() calls a filesystem's getattr interface function
then the 'nosec' should propagate into this function so that
vfs_getattr_nosec() can again be called from the filesystem's gettattr
rather than vfs_getattr(). The latter would add unnecessary security
checks that the initial vfs_getattr_nosec() call wanted to avoid.
Therefore, introduce the getattr flag GETATTR_NOSEC and allow to pass
with the new getattr_flags parameter to the getattr interface function.
In overlayfs and ecryptfs use this flag to determine which one of the
two functions to call.

In a recent code change introduced to IMA vfs_getattr_nosec() ended up
calling vfs_getattr() in overlayfs, which in turn called
security_inode_getattr() on an exiting process that did not have
current->fs set anymore, which then caused a kernel NULL pointer
dereference. With this change the call to security_inode_getattr() can
be avoided, thus avoiding the NULL pointer dereference.

Reported-by: <syzbot+a67fc5321ffb4b311c98@syzkaller.appspotmail.com>
Fixes: db1d1e8b98 ("IMA: use vfs_getattr_nosec to get the i_version")
Cc: Alexander Viro <viro@zeniv.linux.org.uk>
Cc: <linux-fsdevel@vger.kernel.org>
Cc: Miklos Szeredi <miklos@szeredi.hu>
Cc: Amir Goldstein <amir73il@gmail.com>
Cc: Tyler Hicks <code@tyhicks.com>
Cc: Mimi Zohar <zohar@linux.ibm.com>
Suggested-by: Christian Brauner <brauner@kernel.org>
Co-developed-by: Amir Goldstein <amir73il@gmail.com>
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Link: https://lore.kernel.org/r/20231002125733.1251467-1-stefanb@linux.vnet.ibm.com
Reviewed-by: Amir Goldstein <amir73il@gmail.com>
Signed-off-by: Christian Brauner <brauner@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2023-12-03 07:33:03 +01:00
..
copy_up.c v6.6-rc4.vfs.fixes 2023-09-26 08:50:30 -07:00
dir.c ovl: store enum redirect_mode in config instead of a string 2023-06-19 14:02:01 +03:00
export.c ovl: fix NULL pointer defer when encoding non-decodable lower fid 2023-10-03 09:24:11 +03:00
file.c ovl: fix file reference leak when submitting aio 2023-10-02 13:08:31 +03:00
inode.c fs: Pass AT_GETATTR_NOSEC flag to getattr interface function 2023-12-03 07:33:03 +01:00
Kconfig ovl: Kconfig: introduce CONFIG_OVERLAY_FS_DEBUG 2023-08-12 19:02:53 +03:00
Makefile ovl: modify layer parameter parsing 2023-06-20 14:10:40 +03:00
namei.c ovl: make consistent use of OVL_FS() 2023-08-12 19:02:54 +03:00
overlayfs.h fs: Pass AT_GETATTR_NOSEC flag to getattr interface function 2023-12-03 07:33:03 +01:00
ovl_entry.h ovl: make use of ->layers safe in rcu pathwalk 2023-10-02 17:45:02 +03:00
params.c ovl: temporarily disable appending lowedirs 2023-10-14 22:42:45 +03:00
params.h ovl: move all parameter handling into params.{c,h} 2023-07-03 16:08:17 +03:00
readdir.c vfs: get rid of old '->iterate' directory operation 2023-08-06 15:08:35 +02:00
super.c ima: detect changes to the backing overlay file 2023-11-28 17:20:03 +00:00
util.c overlayfs update for 6.6 2023-08-30 11:54:09 -07:00