commit | 5a5b1e7dac9b7b7090c71899d63aaacc35db2f7e | |
---|---|---|
author | Stefan Berger <[email protected]> | Mon Oct 02 08:57:33 2023 -0400 |
committer | COS Cherry Picker <[email protected]> | Mon Dec 18 19:35:59 2023 -0800 |
tree | a720db87d27f7f5c80a8f0a53aadd88f1128e5af | |
parent | 24f4cdd83ebb3650a41ada434d950399124eb59d |

fs: Pass AT_GETATTR_NOSEC flag to getattr interface function

Commit 8a924db2d7b5eb69ba08b1a0af46e9f1359a9bdf upstream.

When vfs_getattr_nosec() calls a filesystem's getattr interface function then the 'nosec' should propagate into this function so that vfs_getattr_nosec() can again be called from the filesystem's getattr rather than vfs_getattr(). The latter would add unnecessary security checks that the initial vfs_getattr_nosec() call wanted to avoid. Therefore, introduce the getattr flag GETATTR_NOSEC and allow to pass with the new getattr_flags parameter to the getattr interface function. In overlayfs and ecryptfs use this flag to determine which one of the two functions to call.

In a recent code change introduced to IMA vfs_getattr_nosec() ended up calling vfs_getattr() in overlayfs, which in turn called security_inode_getattr() on an exiting process that did not have current->fs set anymore, which then caused a kernel NULL pointer dereference. With this change the call to security_inode_getattr() can be avoided, thus avoiding the NULL pointer dereference.

BUG=b/314212897
TEST=presubmit
RELEASE_NOTE=None
cos-patch: bug

Reported-by: <[email protected]>
Fixes: db1d1e8b9867 ("IMA: use vfs_getattr_nosec to get the i_version")
Cc: Alexander Viro <[email protected]>
Cc: <[email protected]>
Cc: Miklos Szeredi <[email protected]>
Cc: Amir Goldstein <[email protected]>
Cc: Tyler Hicks <[email protected]>
Cc: Mimi Zohar <[email protected]>
Suggested-by: Christian Brauner <[email protected]>
Co-developed-by: Amir Goldstein <[email protected]>
Signed-off-by: Stefan Berger <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Reviewed-by: Amir Goldstein <[email protected]>
Signed-off-by: Christian Brauner <[email protected]>
(cherry picked from commit 8a924db2d7b5eb69ba08b1a0af46e9f1359a9bdf)
Signed-off-by: Robert Kolchmeyer <[email protected]>
Change-Id: I83a788b630f6ad5d49de03cf4614ffa6ccf55355
Reviewed-on: https://cos-review.googlesource.com/c/third_party/kernel/+/62537
Reviewed-by: Oleksandr Tymoshenko <[email protected]>
Tested-by: Cusky Presubmit Bot <[email protected]>
Main-Branch-Verified: Cusky Presubmit Bot <[email protected]>
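
The call chain the commit message describes, as an added userspace C model (not code from this commit or from the kernel): a stacked filesystem's getattr is entered through vfs_getattr_nosec() on an exiting task, once re-entering vfs_getattr() unconditionally and once honouring the propagated flag. The flag value, the simplified signatures, and the names `current_fs`, `lsm_calls`, `lower_getattr`, `stacked_getattr_old`, `stacked_getattr_new` and `ima_style_query` are assumptions made for the model.

```c
#include <stddef.h>
/* Userspace model, not kernel code. Flag value and types are constructed. */
#define AT_GETATTR_NOSEC 0x1u
struct kstat { int filled; };
typedef int (*getattr_fn)(struct kstat *st, unsigned int flags);

static void *current_fs;  /* models current->fs; NULL = exiting process */
static int lsm_calls;     /* times the modeled security hook ran */

/* Models security_inode_getattr(): returns -1 at the point where the
 * kernel would dereference the NULL current->fs. */
static int security_inode_getattr(void) {
    lsm_calls++;
    return current_fs ? 0 : -1;
}

/* Lower (backing) filesystem: fills the stat, needs no task context. */
static int lower_getattr(struct kstat *st, unsigned int flags) {
    (void)flags; st->filled = 1; return 0;
}

static int vfs_getattr_nosec(getattr_fn fn, struct kstat *st, unsigned int flags) {
    return fn(st, flags | AT_GETATTR_NOSEC);  /* 'nosec' propagates down */
}

static int vfs_getattr(getattr_fn fn, struct kstat *st, unsigned int flags) {
    if (security_inode_getattr() != 0) return -1;
    return fn(st, flags);
}

/* Stacked filesystem before the change: always re-enters vfs_getattr(). */
static int stacked_getattr_old(struct kstat *st, unsigned int flags) {
    return vfs_getattr(lower_getattr, st, flags);
}

/* After the change: picks the entry point from the flag it was handed. */
static int stacked_getattr_new(struct kstat *st, unsigned int flags) {
    if (flags & AT_GETATTR_NOSEC)
        return vfs_getattr_nosec(lower_getattr, st, flags);
    return vfs_getattr(lower_getattr, st, flags);
}

/* IMA-style caller on an exiting task; reports how often the hook ran. */
static int ima_style_query(getattr_fn stacked, int *hook_calls) {
    struct kstat st = {0};
    current_fs = NULL; lsm_calls = 0;
    int ret = vfs_getattr_nosec(stacked, &st, 0);
    *hook_calls = lsm_calls;
    return ret;
}
int main(void) { int n; return ima_style_query(stacked_getattr_old, &n) != -1 || ima_style_query(stacked_getattr_new, &n) != 0; }
```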