[Devel] [PATCH RHEL9 COMMIT] dm-ploop: validate file descriptors more strictly
Konstantin Khorenko
khorenko at virtuozzo.com
Mon Oct 17 16:29:52 MSK 2022
The commit is pushed to "branch-rh9-5.14.0-70.22.1.vz9.17.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh9-5.14.0-70.22.1.vz9.17.8
------>
commit 5fa5b2c4371e75d24a19e8061dc1bc84c66d0dff
Author: Alexander Atanasov <alexander.atanasov at virtuozzo.com>
Date: Tue Sep 20 11:26:07 2022 +0300
dm-ploop: validate file descriptors more strictly
* Check if file is opened with O_DIRECT.
* Check if the file is a regular file.
* If missing read permission return EACCES instead of EBADF.
* Add error messages.
https://jira.sw.ru/browse/PSBM-142046
Signed-off-by: Alexander Atanasov <alexander.atanasov at virtuozzo.com>
---
drivers/md/dm-ploop-target.c | 36 ++++++++++++++++++++++++++++++------
1 file changed, 30 insertions(+), 6 deletions(-)
diff --git a/drivers/md/dm-ploop-target.c b/drivers/md/dm-ploop-target.c
index 4b50487b7fb5..1db5055c2e39 100644
--- a/drivers/md/dm-ploop-target.c
+++ b/drivers/md/dm-ploop-target.c
@@ -185,19 +185,43 @@ static void ploop_destroy(struct ploop *ploop)
kfree(ploop);
}
-static struct file *ploop_get_delta_file(int fd)
+static struct file *ploop_get_delta_file(struct ploop *ploop, int fd)
{
+ struct dm_target *ti = ploop->ti;
struct file *file;
+ int ret;
file = fget(fd);
- if (!file)
- return ERR_PTR(-ENOENT);
+ if (!file) {
+ ti->error = "No image file set";
+ ret = -ENOENT;
+ goto out;
+ }
+
+ if (!S_ISREG(file_inode(file)->i_mode)) {
+ ti->error = "Image file is not a regular file";
+ ret = -EINVAL;
+ goto out_err;
+ }
+
+ if (!(file->f_flags & O_DIRECT)) {
+ ti->error = "Image file is opened in cached mode";
+ ret = -EINVAL;
+ goto out_err;
+ }
+
if (!(file->f_mode & FMODE_READ)) {
- fput(file);
- return ERR_PTR(-EBADF);
+ ti->error = "Image file is opened with READ flag missing";
+ ret = -EACCES;
+ goto out_err;
}
return file;
+out_err:
+ fput(file);
+out:
+ return ERR_PTR(ret);
+
}
ALLOW_ERROR_INJECTION(ploop_get_delta_file, ERRNO_NULL);
@@ -274,7 +298,7 @@ static int ploop_add_deltas_stack(struct ploop *ploop, char **argv, int argc)
if (kstrtos32(arg, 10, &delta_fd) < 0)
goto out;
- file = ploop_get_delta_file(delta_fd);
+ file = ploop_get_delta_file(ploop, delta_fd);
if (IS_ERR(file)) {
ret = PTR_ERR(file);
goto out;
More information about the Devel
mailing list