OpenSDV
/
linux-stable-rt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
linux-stable-rt/fs
History
Alexey Dobriyan 786d7e1612 Fix rmmod/read/write races in /proc entries 
Fix following races:
===========================================
1. Write via ->write_proc sleeps in copy_from_user(). Module disappears
   meanwhile. Or, more generically, system call done on /proc file, method
   supplied by module is called, module dissapeares meanwhile.

   pde = create_proc_entry()
   if (!pde)
	return -ENOMEM;
   pde->write_proc = ...
				open
				write
				copy_from_user
   pde = create_proc_entry();
   if (!pde) {
	remove_proc_entry();
	return -ENOMEM;
	/* module unloaded */
   }
				*boom*
==========================================
2. bogo-revoke aka proc_kill_inodes()

  remove_proc_entry		vfs_read
  proc_kill_inodes		[check ->f_op validness]
				[check ->f_op->read validness]
				[verify_area, security permissions checks]
	->f_op = NULL;
				if (file->f_op->read)
					/* ->f_op dereference, boom */

NOTE, NOTE, NOTE: file_operations are proxied for regular files only. Let's
see how this scheme behaves, then extend if needed for directories.
Directories creators in /proc only set ->owner for them, so proxying for
directories may be unneeded.

NOTE, NOTE, NOTE: methods being proxied are ->llseek, ->read, ->write,
->poll, ->unlocked_ioctl, ->ioctl, ->compat_ioctl, ->open, ->release.
If your in-tree module uses something else, yell on me. Full audit pending.

[akpm@linux-foundation.org: build fix]
Signed-off-by: Alexey Dobriyan <adobriyan@sw.ru>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
 		2007-07-16 09:05:39 -07:00
..
9p 9p: re-enable mount time debug option 2007-07-14 15:14:14 -05:00
adfs sendfile: remove .sendfile from filesystems that use generic_file_sendfile() 2007-07-10 08:04:13 +02:00
affs sendfile: remove .sendfile from filesystems that use generic_file_sendfile() 2007-07-10 08:04:13 +02:00
afs sendfile: remove .sendfile from filesystems that use generic_file_sendfile() 2007-07-10 08:04:13 +02:00
autofs
autofs4
befs
bfs sendfile: remove .sendfile from filesystems that use generic_file_sendfile() 2007-07-10 08:04:13 +02:00
cifs sendfile: remove .sendfile from filesystems that use generic_file_sendfile() 2007-07-10 08:04:13 +02:00
coda wrong order of arguments of ->readdir() 2007-07-15 16:40:51 -07:00
configfs
cramfs
debugfs debugfs: add rename for debugfs files 2007-07-11 16:09:00 -07:00
devpts
dlm [DLM] dump more lock values 2007-07-09 08:24:13 +01:00
ecryptfs sysfs: kill unnecessary attribute->owner 2007-07-11 16:09:06 -07:00
efs
exportfs
ext2 xip sendfile removal 2007-07-10 08:04:15 +02:00
ext3 sendfile: remove .sendfile from filesystems that use generic_file_sendfile() 2007-07-10 08:04:13 +02:00
ext4 sendfile: remove .sendfile from filesystems that use generic_file_sendfile() 2007-07-10 08:04:13 +02:00
fat sendfile: remove .sendfile from filesystems that use generic_file_sendfile() 2007-07-10 08:04:13 +02:00
freevxfs
fuse sendfile: remove .sendfile from filesystems that use generic_file_sendfile() 2007-07-10 08:04:13 +02:00
gfs2 Merge git://git.kernel.org/pub/scm/linux/kernel/git/steve/gfs2-2.6-nmw 2007-07-10 13:56:13 -07:00
hfs sendfile: remove .sendfile from filesystems that use generic_file_sendfile() 2007-07-10 08:04:13 +02:00
hfsplus sendfile: remove .sendfile from filesystems that use generic_file_sendfile() 2007-07-10 08:04:13 +02:00
hostfs sendfile: remove .sendfile from filesystems that use generic_file_sendfile() 2007-07-10 08:04:13 +02:00
hpfs sendfile: remove .sendfile from filesystems that use generic_file_sendfile() 2007-07-10 08:04:13 +02:00
hppfs
hugetlbfs shm: fix the filename of hugetlb sysv shared memory 2007-06-16 13:16:16 -07:00
isofs
jbd jbd commit: fix transaction dropping 2007-07-16 09:05:34 -07:00
jbd2 jbd2 commit: fix transaction dropping 2007-07-16 09:05:34 -07:00
jffs2 sendfile: remove .sendfile from filesystems that use generic_file_sendfile() 2007-07-10 08:04:13 +02:00
jfs sendfile: remove .sendfile from filesystems that use generic_file_sendfile() 2007-07-10 08:04:13 +02:00
lockd NLM: fix source address of callback to client 2007-07-10 23:40:49 -04:00
minix sendfile: remove .sendfile from filesystems that use generic_file_sendfile() 2007-07-10 08:04:13 +02:00
msdos
ncpfs
nfs NFSv4: Make sure unlock is really an unlock when cancelling a lock 2007-07-10 23:40:49 -04:00
nfs_common
nfsd Merge git://git.linux-nfs.org/pub/linux/nfs-2.6 2007-07-13 16:46:18 -07:00
nls
ntfs sendfile: remove .sendfile from filesystems that use generic_file_sendfile() 2007-07-10 08:04:13 +02:00
ocfs2 sysfs: kill unnecessary attribute->owner 2007-07-11 16:09:06 -07:00
openpromfs
partitions sysfs: kill unnecessary attribute->owner 2007-07-11 16:09:06 -07:00
proc Fix rmmod/read/write races in /proc entries 2007-07-16 09:05:39 -07:00
qnx4 sendfile: remove .sendfile from filesystems that use generic_file_sendfile() 2007-07-10 08:04:13 +02:00
ramfs sendfile: remove .sendfile from filesystems that use generic_file_sendfile() 2007-07-10 08:04:13 +02:00
reiserfs sendfile: remove .sendfile from filesystems that use generic_file_sendfile() 2007-07-10 08:04:13 +02:00
romfs
smbfs sendfile: remove .sendfile from filesystems that use generic_file_sendfile() 2007-07-10 08:04:13 +02:00
sysfs sysfs: add parameter "struct bin_attribute *" in .read/.write methods for sysfs binary attributes 2007-07-11 16:09:09 -07:00
sysv sendfile: remove .sendfile from filesystems that use generic_file_sendfile() 2007-07-10 08:04:13 +02:00
udf sendfile: remove .sendfile from filesystems that use generic_file_sendfile() 2007-07-10 08:04:13 +02:00
ufs sendfile: remove .sendfile from filesystems that use generic_file_sendfile() 2007-07-10 08:04:13 +02:00
vfat
xfs [XFS] Fix lockdep annotations for xfs_lock_inodes 2007-07-14 18:09:42 +10:00
Kconfig 9p: Reorganization of 9p file system code 2007-07-14 15:13:40 -05:00
Kconfig.binfmt
Makefile
aio.c
anon_inodes.c
attr.c
bad_inode.c sendfile: remove bad_sendfile() from bad_file_ops 2007-07-10 08:04:15 +02:00
binfmt_aout.c
binfmt_elf.c Fix elf_core_dump() when writing arch specific notes (spu coredumps) 2007-07-06 10:23:43 -07:00
binfmt_elf_fdpic.c
binfmt_em86.c
binfmt_flat.c
binfmt_misc.c
binfmt_script.c
binfmt_som.c
bio.c unexport bio_{,un}map_user 2007-07-10 08:03:34 +02:00
block_dev.c sendfile: remove .sendfile from filesystems that use generic_file_sendfile() 2007-07-10 08:04:13 +02:00
buffer.c
char_dev.c
compat.c
compat_ioctl.c
dcache.c
dcookies.c
direct-io.c dio: remove bogus refcounting BUG_ON 2007-07-03 18:23:23 -07:00
dnotify.c
dquot.c
drop_caches.c invalidate_mapping_pages(): add cond_resched 2007-07-16 09:05:36 -07:00
eventfd.c
eventpoll.c
exec.c
fcntl.c
fifo.c
file.c
file_table.c
filesystems.c
fs-writeback.c
generic_acl.c
inode.c
inotify.c
inotify_user.c
internal.h
ioctl.c
ioprio.c
libfs.c
locks.c
mbcache.c
mpage.c
namei.c
namespace.c
nfsctl.c
no-block.c
open.c
pipe.c pipe: add documentation and comments 2007-07-10 08:04:16 +02:00
pnode.c
pnode.h
posix_acl.c
quota.c
quota_v1.c
quota_v2.c
read_write.c Remove remnants of sendfile() 2007-07-10 08:04:15 +02:00
read_write.h
readdir.c
select.c
seq_file.c Make common helpers for seq_files that work with list_heads 2007-07-10 17:51:13 -07:00
signalfd.c avoid spurious POLLIN returns in signalfd 2007-06-28 11:34:54 -07:00
splice.c splice: fix offset mangling with direct splicing (sendfile) 2007-07-13 14:14:31 +02:00
stack.c
stat.c
super.c
sync.c Introduce fixed sys_sync_file_range2() syscall, implement on PowerPC and ARM 2007-06-28 11:38:30 -07:00
timerfd.c
utimes.c Fix permission checking for the new utimensat() system call 2007-07-08 12:02:55 -07:00
xattr.c
xattr_acl.c