mirror of
https://mirrors.bfsu.edu.cn/git/linux.git
synced 2024-11-11 12:28:41 +08:00
a26dc49df3
This prevents malicious processes from completing random copen/cread
requests and crashing the system. Added checks are listed below:
* Generic, copen can only complete open requests, and cread can only
complete read requests.
* For copen, ondemand_id must not be 0, because this indicates that the
request has not been read by the daemon.
* For cread, the object corresponding to fd and req should be the same.
Signed-off-by: Baokun Li <libaokun1@huawei.com>
Link: https://lore.kernel.org/r/20240522114308.2402121-7-libaokun@huaweicloud.com
Acked-by: Jeff Layton <jlayton@kernel.org>
Reviewed-by: Jingbo Xu <jefflexu@linux.alibaba.com>
Signed-off-by: Christian Brauner <brauner@kernel.org>
|
||
|---|---|---|
| .. | ||
| cache.c | ||
| daemon.c | ||
| error_inject.c | ||
| interface.c | ||
| internal.h | ||
| io.c | ||
| Kconfig | ||
| key.c | ||
| main.c | ||
| Makefile | ||
| namei.c | ||
| ondemand.c | ||
| security.c | ||
| volume.c | ||
| xattr.c | ||