From: Christian Brauner <brauner@xxxxxxxxxx> commit 8ce3528188207a2e1896cc3173fba6d99a59013a upstream. Prior to doing any work, check whether the provided ioctl command is supported by pidfs. Signed-off-by: Christian Brauner <brauner@xxxxxxxxxx> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
 fs/pidfs.c | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)
--- a/fs/pidfs.c
+++ b/fs/pidfs.c
@@ -190,6 +190,27 @@ static long pidfd_info(struct task_struc
 return 0;
 }
 
+static bool pidfs_ioctl_valid(unsigned int cmd)
+{
+ switch (cmd) {
+ case FS_IOC_GETVERSION:
+ case PIDFD_GET_CGROUP_NAMESPACE:
+ case PIDFD_GET_INFO:
+ case PIDFD_GET_IPC_NAMESPACE:
+ case PIDFD_GET_MNT_NAMESPACE:
+ case PIDFD_GET_NET_NAMESPACE:
+ case PIDFD_GET_PID_FOR_CHILDREN_NAMESPACE:
+ case PIDFD_GET_TIME_NAMESPACE:
+ case PIDFD_GET_TIME_FOR_CHILDREN_NAMESPACE:
+ case PIDFD_GET_UTS_NAMESPACE:
+ case PIDFD_GET_USER_NAMESPACE:
+ case PIDFD_GET_PID_NAMESPACE:
+ return true;
+ }
+
+ return false;
+}
+
 static long pidfd_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
 {
 struct task_struct *task __free(put_task) = NULL;
@@ -198,6 +219,9 @@ static long pidfd_ioctl(struct file *fil
 struct ns_common *ns_common = NULL;
 struct pid_namespace *pid_ns;
 
+ if (!pidfs_ioctl_valid(cmd))
+ return -ENOIOCTLCMD;
+
 task = get_pid_task(pid, PIDTYPE_PID);
 if (!task)
 return -ESRCH;
Patches currently in stable-queue which might be from brauner@xxxxxxxxxx are queue-6.13/pidfs-improve-ioctl-handling.patch queue-6.13/fs-proc-do_task_stat-fix-esp-not-readable-during-coredump.patch queue-6.13/pidfs-check-for-valid-ioctl-commands.patch
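Review bot: In pidfs_ioctl_valid() the `case PIDFD_GET_INFO:` label matches the full command word, which includes the argument size encoded by the _IOC macros. If PIDFD_GET_INFO is meant to be size-extensible (the dispatch in pidfd_ioctl() is outside this hunk, so this is inferred), a caller built against a differently sized info struct would be rejected here before pidfd_info() can deal with the size. Consider matching that one command by number and type instead, e.g. `if (_IOC_NR(cmd) == _IOC_NR(PIDFD_GET_INFO)) return _IOC_TYPE(cmd) == _IOC_TYPE(PIDFD_GET_INFO);` ahead of `return false;`. The queue footer lists a separate pidfs-improve-ioctl-handling.patch that may already cover this.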
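Review bot: The guard added at the top of pidfd_ioctl() makes pidfs_ioctl_valid() a second command list that has to stay in step with the dispatch further down the function, which lies outside this hunk. A command added to only one of them would either be refused with -ENOIOCTLCMD or pass the filter without a handler, so a comment above the check such as `/* Keep pidfs_ioctl_valid() in sync with the commands handled below. */` would help. An unsupported command on a pidfd whose task has already exited now gets -ENOIOCTLCMD instead of -ESRCH, which is presumably the intended ordering but is a caller-visible change.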