Re: [PATCH] vfs: Fix potential circular locking through setxattr() and removexattr()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Regarding the contents of the change itself:

On Tue 23-07-24 09:59:54, David Howells wrote:
> @@ -954,15 +952,23 @@ SYSCALL_DEFINE2(lremovexattr, const char __user *, pathname,
>  SYSCALL_DEFINE2(fremovexattr, int, fd, const char __user *, name)
>  {
>  	struct fd f = fdget(fd);
> +	char kname[XATTR_NAME_MAX + 1];
>  	int error = -EBADF;
>  
>  	if (!f.file)
>  		return error;
>  	audit_file(f.file);
> +
> +	error = strncpy_from_user(kname, name, sizeof(kname));
> +	if (error == 0 || error == sizeof(kname))
> +		error = -ERANGE;
> +	if (error < 0)
> +		return error;

Missing fdput() here.

> +
>  	error = mnt_want_write_file(f.file);
>  	if (!error) {
>  		error = removexattr(file_mnt_idmap(f.file),
> -				    f.file->f_path.dentry, name);
> +				    f.file->f_path.dentry, kname);
>  		mnt_drop_write_file(f.file);
>  	}
>  	fdput(f);

Otherwise the patch looks good to me.

								Honza
-- 
Jan Kara <jack@xxxxxxxx>
SUSE Labs, CR
[Index of Archives]     [Linux Ext4 Filesystem]     [Union Filesystem]     [Filesystem Testing]     [Ceph Users]     [Ecryptfs]     [NTFS 3]     [AutoFS]     [Kernel Newbies]     [Share Photos]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux Cachefs]     [Reiser Filesystem]     [Linux RAID]     [NTFS 3]     [Samba]     [Device Mapper]     [CEPH Development]

  Powered by Linux