On Tue, Feb 11, 2025 at 06:16:00PM +0100, Christian Brauner wrote:
> There's no point in allowing anything kernel internal nor procfs or
> sysfs.
> + /* Exclude kernel kernel internal filesystems. */
> + if (file_inode(file)->i_sb->s_flags & (SB_NOUSER | SB_KERNMOUNT)) {
> + kfree(acct);
> + filp_close(file, NULL);
> + return -EINVAL;
> + }
> +
> + /* Exclude procfs and sysfs. */
> + if (file_inode(file)->i_sb->s_iflags & SB_I_USERNS_VISIBLE) {
> + kfree(acct);
> + filp_close(file, NULL);
> + return -EINVAL;
> + }
That looks like a really weird way to test it, especially the second
part...
