Received: by 10.223.185.116 with SMTP id b49csp5520750wrg; Tue, 27 Feb 2018 15:03:37 -0800 (PST) X-Google-Smtp-Source: AH8x224AkPjW1MC2OB/OBvSLITTlCvZ44KcSaVr3rT8zbQ5rT+LHTsIfaKKXKZIXzMJOYCyh5a5k X-Received: by 2002:a17:902:724a:: with SMTP id c10-v6mr15676992pll.98.1519772616929; Tue, 27 Feb 2018 15:03:36 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1519772616; cv=none; d=google.com; s=arc-20160816; b=z2xuncyvzad7ySv/ZYfHb9JCxfEu51UokwlbSGb3LOzGk8b+zUulsnkah7mdoeB6go bNtcDMbW9KF0K28j1RLmVAMfCjZOTInl1Gpv/mT8qoHXyqOq8ZPsxFim4N9rq0fMAPpf GdPysCNYKd3SsWJY3GrTkBEzRxVHWyMfLs+jH2aOXsMXuJYsuR7lGBanC1+MjsbiXE5W 8YAzEkM8f5wj0BEpo/22N6fBJeuUtcuy4kONwD0RmAbWBiZ4bjc0J8OoNb+FCEvaT5/z yxamuTU3M8223YPD0ALQWWGIfObEsizRlRHuCrPGbs6MiLDgVRPSkI2tsSbyFInFCS48 wIkg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:dkim-signature:dkim-signature :arc-authentication-results; bh=hcfnrS0cSk6o9nRSsBH14qJ6jAxiF1a8If0ifI+EpzU=; b=lxkz32/PJfopEFxg/EwRxnzaCWixWcsHTWeHC7eXXzgFF9PO/LcIJG6hgNXNpimQVL 8Pcijj8+MRxO2r62VzYDj/9H6/JQlQNaSOeL1y9bs6ym1fDgeDUCNPPjrIVu5uBmZ+YK j+Nd0/C1+00etIj8jQMfg4m02z3aECLdXi3GQNLqcHGbF4MW9wtrdteHjbkWMhGA4Ud0 sZi0vVqv7kFXDCt4YI9U1t/XZOaXGS1Us7in68jl+1FYqPtbu0vnrtSRT0FbVGBtl5Mr 4zC5/wa5oOOPcUI2xIkJ4u3Icl9YSoSXXSY5Yj3gGLyD8hy50x6HDEFeXFZM6y2jadrL GL2w== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@google.com header.s=20161025 header.b=eVYRJYaD; dkim=fail header.i=@chromium.org header.s=google header.b=dx9j+xz8; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id c62si141456pfg.240.2018.02.27.15.03.21; Tue, 27 Feb 2018 15:03:36 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@google.com header.s=20161025 header.b=eVYRJYaD; dkim=fail header.i=@chromium.org header.s=google header.b=dx9j+xz8; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751940AbeB0XCf (ORCPT + 99 others); Tue, 27 Feb 2018 18:02:35 -0500 Received: from mail-vk0-f66.google.com ([209.85.213.66]:32943 "EHLO mail-vk0-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751775AbeB0XCd (ORCPT ); Tue, 27 Feb 2018 18:02:33 -0500 Received: by mail-vk0-f66.google.com with SMTP id z130so348261vkd.0 for ; Tue, 27 Feb 2018 15:02:33 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=hcfnrS0cSk6o9nRSsBH14qJ6jAxiF1a8If0ifI+EpzU=; b=eVYRJYaD9cMQWbCfjfyt0CnvKYLRHiqGR2Kj08RBNJYU0pT7By3W1AJ1LaPn5nH/N3 DcI2X0Mq9t/1cb8ZypMPK3AL90NL5UFHR5rV4i4qcjxF7J7EJtt7NCXVYbgkkA2GsIXG CbqkCQSjk5VutdaNuyXMERlpUwl0ZWxDRGvHXp5qkFYXkveU5CrPT/cJXLjeN/Eh0Ik/ hP1VwQ5zU0QDJDPbMW6GLr2F8GkU7oXXcytsnqiOLdDBA7kvrkvDg4F/3j50BAuOkfTo SQ/BRCr8fBAstCzdvT1DHog9JUqmXpEts1/mfZZu6dfSTo0ObuM4E8t117QL5pmjRUg3 Pq9A== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=hcfnrS0cSk6o9nRSsBH14qJ6jAxiF1a8If0ifI+EpzU=; b=dx9j+xz8/AUNAif0/uB33o8hMUEljzhsX0fiUy+UWmGGN3Xa60YpzKQo2OJG30fPVS ra/7CVOYDaKowh91EAgwuN2JLk3RzEopdOufYKdl9dymi0+Xudw5lwPTy4eCpON+uF9b B5DYszajRM2QORfFZWzthqs8fVMghmz1IpCYo= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=hcfnrS0cSk6o9nRSsBH14qJ6jAxiF1a8If0ifI+EpzU=; b=exAzXqCGJdEMQtwPTmKaeR5+Zgjgbtrf1/p5K5R/QI4lbjU9RGE+B+e4TxYINNzeNE EFTD6E+W/CmT5okKQOaE+em13Y7yd96hmcWgYix4t7lELrUapvyXn8qrpjHflQwZEnWP OgS8M/zPtNrce6am8utvO/kq+hULkmoNRamZJuTW1Gv0dSK8kcSmSY8I05pVA5ipVB7i cO6s2DcgvhSHXwPFgW+xrQ5Gsy9v2V1XdnE/SMmaS1mDMr3UToc8FsiR17pT2sbKPudq Tq+lnpF9/u86f+cn6jKvecPC+pYbtdP3mxcp0qszesYWwjrKGoszZtaunImoOH4CmtS2 r80A== X-Gm-Message-State: APf1xPCTbqxbPKGwV8gDlNYPlWcAPsOnHwntFQu+r1alcHwKtlndAONn Fvdwl5LBGaXbQJPNTekEmeCNyhpssSx7HlxKP6FFougw X-Received: by 10.31.47.194 with SMTP id v185mr11722794vkv.121.1519772553008; Tue, 27 Feb 2018 15:02:33 -0800 (PST) MIME-Version: 1.0 Received: by 10.31.242.140 with HTTP; Tue, 27 Feb 2018 15:02:32 -0800 (PST) In-Reply-To: <20180227224358.12672-1-danilokrummrich@dk-develop.de> References: <20180227224358.12672-1-danilokrummrich@dk-develop.de> From: Kees Cook Date: Tue, 27 Feb 2018 15:02:32 -0800 X-Google-Sender-Auth: 26Zb3ZA6sAJZ5X8wP1zC5ue7VCo Message-ID: Subject: Re: [PATCH 1/2] fs/sysctl: fix potential page fault while unregistering sysctl table To: Danilo Krummrich Cc: "Luis R. Rodriguez" , LKML , "linux-fsdevel@vger.kernel.org" Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Feb 27, 2018 at 2:43 PM, Danilo Krummrich wrote: > proc_sys_link_fill_cache() does not take currently unregistering > sysctl tables into account, which might result into a page fault in > sysctl_follow_link() - add a check to fix it. > > Signed-off-by: Danilo Krummrich > --- > fs/proc/proc_sysctl.c | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/fs/proc/proc_sysctl.c b/fs/proc/proc_sysctl.c > index c5cbbdff3c3d..a0b6c647835e 100644 > --- a/fs/proc/proc_sysctl.c > +++ b/fs/proc/proc_sysctl.c > @@ -709,6 +709,9 @@ static bool proc_sys_link_fill_cache(struct file *file, > bool ret = true; Nothing appears to actually change "ret" in this function. It should likely be dropped too. > head = sysctl_head_grab(head); > > + if (IS_ERR(head)) > + return false; > + This looks sensible. I'd drop the blank line between sysctl_head_grab and the IS_ERR, though. How are you testing this change? Thanks! -Kees > if (S_ISLNK(table->mode)) { > /* It is not an error if we can not follow the link ignore it */ > int err = sysctl_follow_link(&head, &table); > -- > 2.14.1 > -- Kees Cook Pixel Security