[PATCH 5.4 361/367] tracefs: Add missing lockdown check to tracefs_create_dir()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


5.4-stable review patch.  If anyone has any objections, please let me know.


From: Steven Rostedt (Google) <rostedt@xxxxxxxxxxx>

commit 51aab5ffceb43e05119eb059048fd75765d2bc21 upstream.

The function tracefs_create_dir() was missing a lockdown check and was
called by the RV code. This gave an inconsistent behavior of this function
returning success while other tracefs functions failed. This caused the
inode being freed by the wrong kmem_cache.

Link: https://lkml.kernel.org/r/20230905182711.692687042@xxxxxxxxxxx
Link: https://lore.kernel.org/all/202309050916.58201dc6-oliver.sang@xxxxxxxxx/

Cc: stable@xxxxxxxxxxxxxxx
Cc: Masami Hiramatsu <mhiramat@xxxxxxxxxx>
Cc: Mark Rutland <mark.rutland@xxxxxxx>
Cc: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
Cc: Ajay Kaher <akaher@xxxxxxxxxx>
Cc: Ching-lin Yu <chinglinyu@xxxxxxxxxx>
Fixes: bf8e602186ec4 ("tracing: Do not create tracefs files if tracefs lockdown is in effect")
Reported-by: kernel test robot <oliver.sang@xxxxxxxxx>
Signed-off-by: Steven Rostedt (Google) <rostedt@xxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
 fs/tracefs/inode.c |    3 +++
 1 file changed, 3 insertions(+)

--- a/fs/tracefs/inode.c
+++ b/fs/tracefs/inode.c
@@ -551,6 +551,9 @@ static struct dentry *__create_dir(const
 struct dentry *tracefs_create_dir(const char *name, struct dentry *parent)
+	if (security_locked_down(LOCKDOWN_TRACEFS))
+		return NULL;
 	return __create_dir(name, parent, &simple_dir_inode_operations);

[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux