system/linux
system/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux synced 2024-07-05 18:00:39 +00:00
Code Issues Packages Projects Releases Wiki Activity
a2316dda07
linux/security/landlock
History
Mickaël Salaün 88da52ccd6
landlock: Fix d_parent walk 
The WARN_ON_ONCE() in collect_domain_accesses() can be triggered when
trying to link a root mount point.  This cannot work in practice because
this directory is mounted, but the VFS check is done after the call to
security_path_link().

Do not use source directory's d_parent when the source directory is the
mount point.

Cc: Günther Noack <gnoack@google.com>
Cc: Paul Moore <paul@paul-moore.com>
Cc: stable@vger.kernel.org
Reported-by: syzbot+bf4903dc7e12b18ebc87@syzkaller.appspotmail.com
Fixes: b91c3e4ea7 ("landlock: Add support for file reparenting with LANDLOCK_ACCESS_FS_REFER")
Closes: https://lore.kernel.org/r/000000000000553d3f0618198200@google.com
Link: https://lore.kernel.org/r/20240516181935.1645983-2-mic@digikod.net
[mic: Fix commit message]
Signed-off-by: Mickaël Salaün <mic@digikod.net>
2024-05-31 16:41:52 +02:00
..
.kunitconfig landlock: Add support for KUnit tests 2024-02-27 11:21:45 +01:00
common.h landlock: Add support for KUnit tests 2024-02-27 11:21:45 +01:00
cred.c LSM: Identify modules by more than name 2023-11-12 22:54:42 -05:00
cred.h landlock: Format with clang-format 2022-05-09 12:31:10 +02:00
fs.c landlock: Fix d_parent walk 2024-05-31 16:41:52 +02:00
fs.h landlock: Support file truncation 2022-10-19 09:01:44 +02:00
Kconfig landlock: Add support for KUnit tests 2024-02-27 11:21:45 +01:00
limits.h landlock: Add IOCTL access right for character and block devices 2024-05-13 06:58:29 +02:00
Makefile landlock: Rename "ptrace" files to "task" 2024-03-08 18:22:16 +01:00
net.c landlock: Simplify current_check_access_socket() 2024-03-08 18:22:13 +01:00
net.h landlock: Support network rules with TCP bind and connect 2023-10-26 21:07:15 +02:00
object.c landlock: Format with clang-format 2022-05-09 12:31:10 +02:00
object.h landlock: Format with clang-format 2022-05-09 12:31:10 +02:00
ruleset.c landlock: Optimize the number of calls to get_access_mask slightly 2024-01-03 12:43:17 +01:00
ruleset.h landlock: Support network rules with TCP bind and connect 2023-10-26 21:07:15 +02:00
setup.c landlock: Rename "ptrace" files to "task" 2024-03-08 18:22:16 +01:00
setup.h LSM: Identify modules by more than name 2023-11-12 22:54:42 -05:00
syscalls.c landlock: Add IOCTL access right for character and block devices 2024-05-13 06:58:29 +02:00
task.c landlock: Rename "ptrace" files to "task" 2024-03-08 18:22:16 +01:00
task.h landlock: Rename "ptrace" files to "task" 2024-03-08 18:22:16 +01:00