Received: by 10.223.185.116 with SMTP id b49csp5520750wrg;
        Tue, 27 Feb 2018 15:03:37 -0800 (PST)
X-Google-Smtp-Source: AH8x224AkPjW1MC2OB/OBvSLITTlCvZ44KcSaVr3rT8zbQ5rT+LHTsIfaKKXKZIXzMJOYCyh5a5k
X-Received: by 2002:a17:902:724a:: with SMTP id c10-v6mr15676992pll.98.1519772616929;
        Tue, 27 Feb 2018 15:03:36 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1519772616; cv=none;
        d=google.com; s=arc-20160816;
        b=z2xuncyvzad7ySv/ZYfHb9JCxfEu51UokwlbSGb3LOzGk8b+zUulsnkah7mdoeB6go
         bNtcDMbW9KF0K28j1RLmVAMfCjZOTInl1Gpv/mT8qoHXyqOq8ZPsxFim4N9rq0fMAPpf
         GdPysCNYKd3SsWJY3GrTkBEzRxVHWyMfLs+jH2aOXsMXuJYsuR7lGBanC1+MjsbiXE5W
         8YAzEkM8f5wj0BEpo/22N6fBJeuUtcuy4kONwD0RmAbWBiZ4bjc0J8OoNb+FCEvaT5/z
         yxamuTU3M8223YPD0ALQWWGIfObEsizRlRHuCrPGbs6MiLDgVRPSkI2tsSbyFInFCS48
         wIkg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:cc:to:subject:message-id:date:from
         :references:in-reply-to:mime-version:dkim-signature:dkim-signature
         :arc-authentication-results;
        bh=hcfnrS0cSk6o9nRSsBH14qJ6jAxiF1a8If0ifI+EpzU=;
        b=lxkz32/PJfopEFxg/EwRxnzaCWixWcsHTWeHC7eXXzgFF9PO/LcIJG6hgNXNpimQVL
         8Pcijj8+MRxO2r62VzYDj/9H6/JQlQNaSOeL1y9bs6ym1fDgeDUCNPPjrIVu5uBmZ+YK
         j+Nd0/C1+00etIj8jQMfg4m02z3aECLdXi3GQNLqcHGbF4MW9wtrdteHjbkWMhGA4Ud0
         sZi0vVqv7kFXDCt4YI9U1t/XZOaXGS1Us7in68jl+1FYqPtbu0vnrtSRT0FbVGBtl5Mr
         4zC5/wa5oOOPcUI2xIkJ4u3Icl9YSoSXXSY5Yj3gGLyD8hy50x6HDEFeXFZM6y2jadrL
         GL2w==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=fail header.i=@google.com header.s=20161025 header.b=eVYRJYaD;
       dkim=fail header.i=@chromium.org header.s=google header.b=dx9j+xz8;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=chromium.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id c62si141456pfg.240.2018.02.27.15.03.21;
        Tue, 27 Feb 2018 15:03:36 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=fail header.i=@google.com header.s=20161025 header.b=eVYRJYaD;
       dkim=fail header.i=@chromium.org header.s=google header.b=dx9j+xz8;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=chromium.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751940AbeB0XCf (ORCPT <rfc822;414256we@gmail.com> + 99 others);
        Tue, 27 Feb 2018 18:02:35 -0500
Received: from mail-vk0-f66.google.com ([209.85.213.66]:32943 "EHLO
        mail-vk0-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1751775AbeB0XCd (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 27 Feb 2018 18:02:33 -0500
Received: by mail-vk0-f66.google.com with SMTP id z130so348261vkd.0
        for <linux-kernel@vger.kernel.org>; Tue, 27 Feb 2018 15:02:33 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20161025;
        h=mime-version:sender:in-reply-to:references:from:date:message-id
         :subject:to:cc;
        bh=hcfnrS0cSk6o9nRSsBH14qJ6jAxiF1a8If0ifI+EpzU=;
        b=eVYRJYaD9cMQWbCfjfyt0CnvKYLRHiqGR2Kj08RBNJYU0pT7By3W1AJ1LaPn5nH/N3
         DcI2X0Mq9t/1cb8ZypMPK3AL90NL5UFHR5rV4i4qcjxF7J7EJtt7NCXVYbgkkA2GsIXG
         CbqkCQSjk5VutdaNuyXMERlpUwl0ZWxDRGvHXp5qkFYXkveU5CrPT/cJXLjeN/Eh0Ik/
         hP1VwQ5zU0QDJDPbMW6GLr2F8GkU7oXXcytsnqiOLdDBA7kvrkvDg4F/3j50BAuOkfTo
         SQ/BRCr8fBAstCzdvT1DHog9JUqmXpEts1/mfZZu6dfSTo0ObuM4E8t117QL5pmjRUg3
         Pq9A==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=chromium.org; s=google;
        h=mime-version:sender:in-reply-to:references:from:date:message-id
         :subject:to:cc;
        bh=hcfnrS0cSk6o9nRSsBH14qJ6jAxiF1a8If0ifI+EpzU=;
        b=dx9j+xz8/AUNAif0/uB33o8hMUEljzhsX0fiUy+UWmGGN3Xa60YpzKQo2OJG30fPVS
         ra/7CVOYDaKowh91EAgwuN2JLk3RzEopdOufYKdl9dymi0+Xudw5lwPTy4eCpON+uF9b
         B5DYszajRM2QORfFZWzthqs8fVMghmz1IpCYo=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:sender:in-reply-to:references:from
         :date:message-id:subject:to:cc;
        bh=hcfnrS0cSk6o9nRSsBH14qJ6jAxiF1a8If0ifI+EpzU=;
        b=exAzXqCGJdEMQtwPTmKaeR5+Zgjgbtrf1/p5K5R/QI4lbjU9RGE+B+e4TxYINNzeNE
         EFTD6E+W/CmT5okKQOaE+em13Y7yd96hmcWgYix4t7lELrUapvyXn8qrpjHflQwZEnWP
         OgS8M/zPtNrce6am8utvO/kq+hULkmoNRamZJuTW1Gv0dSK8kcSmSY8I05pVA5ipVB7i
         cO6s2DcgvhSHXwPFgW+xrQ5Gsy9v2V1XdnE/SMmaS1mDMr3UToc8FsiR17pT2sbKPudq
         Tq+lnpF9/u86f+cn6jKvecPC+pYbtdP3mxcp0qszesYWwjrKGoszZtaunImoOH4CmtS2
         r80A==
X-Gm-Message-State: APf1xPCTbqxbPKGwV8gDlNYPlWcAPsOnHwntFQu+r1alcHwKtlndAONn
        Fvdwl5LBGaXbQJPNTekEmeCNyhpssSx7HlxKP6FFougw
X-Received: by 10.31.47.194 with SMTP id v185mr11722794vkv.121.1519772553008;
 Tue, 27 Feb 2018 15:02:33 -0800 (PST)
MIME-Version: 1.0
Received: by 10.31.242.140 with HTTP; Tue, 27 Feb 2018 15:02:32 -0800 (PST)
In-Reply-To: <20180227224358.12672-1-danilokrummrich@dk-develop.de>
References: <20180227224358.12672-1-danilokrummrich@dk-develop.de>
From:   Kees Cook <keescook@chromium.org>
Date:   Tue, 27 Feb 2018 15:02:32 -0800
X-Google-Sender-Auth: 26Zb3ZA6sAJZ5X8wP1zC5ue7VCo
Message-ID: <CAGXu5j+geUKNMu8W-+CYUD0_d_LBv+78TE5QbKx2EBeCx_oP9A@mail.gmail.com>
Subject: Re: [PATCH 1/2] fs/sysctl: fix potential page fault while
 unregistering sysctl table
To:     Danilo Krummrich <danilokrummrich@dk-develop.de>
Cc:     "Luis R. Rodriguez" <mcgrof@kernel.org>,
        LKML <linux-kernel@vger.kernel.org>,
        "linux-fsdevel@vger.kernel.org" <linux-fsdevel@vger.kernel.org>
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, Feb 27, 2018 at 2:43 PM, Danilo Krummrich
<danilokrummrich@dk-develop.de> wrote:
> proc_sys_link_fill_cache() does not take currently unregistering
> sysctl tables into account, which might result into a page fault in
> sysctl_follow_link() - add a check to fix it.
>
> Signed-off-by: Danilo Krummrich <danilokrummrich@dk-develop.de>
> ---
>  fs/proc/proc_sysctl.c | 3 +++
>  1 file changed, 3 insertions(+)
>
> diff --git a/fs/proc/proc_sysctl.c b/fs/proc/proc_sysctl.c
> index c5cbbdff3c3d..a0b6c647835e 100644
> --- a/fs/proc/proc_sysctl.c
> +++ b/fs/proc/proc_sysctl.c
> @@ -709,6 +709,9 @@ static bool proc_sys_link_fill_cache(struct file *file,
>         bool ret = true;

Nothing appears to actually change "ret" in this function. It should
likely be dropped too.

>         head = sysctl_head_grab(head);
>
> +       if (IS_ERR(head))
> +               return false;
> +

This looks sensible. I'd drop the blank line between sysctl_head_grab
and the IS_ERR, though.

How are you testing this change?

Thanks!

-Kees

>         if (S_ISLNK(table->mode)) {
>                 /* It is not an error if we can not follow the link ignore it */
>                 int err = sysctl_follow_link(&head, &table);
> --
> 2.14.1
>



-- 
Kees Cook
Pixel Security