Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
pidfs: validate extensible ioctls
Validate extensible ioctls stricter than we do now.
Reviewed-by: Aleksa Sarai <cyphar@cyphar.com>
Reviewed-by: Jan Kara <jack@suse.cz>
Signed-off-by: Christian Brauner <brauner@kernel.org>
+15
-1
+1
-1
fs/pidfs.c
+1
-1
fs/pidfs.c
···
440
440
* erronously mistook the file descriptor for a pidfd.
441
441
* This is not perfect but will catch most cases.
442
442
*/
443
-
return (_IOC_TYPE(cmd) == _IOC_TYPE(PIDFD_GET_INFO));
443
+
return extensible_ioctl_valid(cmd, PIDFD_GET_INFO, PIDFD_INFO_SIZE_VER0);
444
444
}
445
445
446
446
return false;
+14
include/linux/fs.h
+14
include/linux/fs.h
···
4023
4023
4024
4024
int generic_atomic_write_valid(struct kiocb *iocb, struct iov_iter *iter);
4025
4025
4026
+
static inline bool extensible_ioctl_valid(unsigned int cmd_a,
4027
+
unsigned int cmd_b, size_t min_size)
4028
+
{
4029
+
if (_IOC_DIR(cmd_a) != _IOC_DIR(cmd_b))
4030
+
return false;
4031
+
if (_IOC_TYPE(cmd_a) != _IOC_TYPE(cmd_b))
4032
+
return false;
4033
+
if (_IOC_NR(cmd_a) != _IOC_NR(cmd_b))
4034
+
return false;
4035
+
if (_IOC_SIZE(cmd_a) < min_size)
4036
+
return false;
4037
+
return true;
4038
+
}
4039
+
4026
4040
#endif /* _LINUX_FS_H */