qiurui
/
linux-kernelorg-stable
mirror of https://kernel.googlesource.com/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
linux-kernelorg-stable/fs/proc
History
wangzijie 2ce3d282bd proc: fix missing pde_set_flags() for net proc files 
To avoid potential UAF issues during module removal races, we use
pde_set_flags() to save proc_ops flags in PDE itself before
proc_register(), and then use pde_has_proc_*() helpers instead of directly
dereferencing pde->proc_ops->*.

However, the pde_set_flags() call was missing when creating net related
proc files.  This omission caused incorrect behavior which FMODE_LSEEK was
being cleared inappropriately in proc_reg_open() for net proc files.  Lars
reported it in this link[1].

Fix this by ensuring pde_set_flags() is called when register proc entry,
and add NULL check for proc_ops in pde_set_flags().

[wangzijie1@honor.com: stash pde->proc_ops in a local const variable, per Christian]
  Link: https://lkml.kernel.org/r/20250821105806.1453833-1-wangzijie1@honor.com
Link: https://lkml.kernel.org/r/20250818123102.959595-1-wangzijie1@honor.com
Link: https://lore.kernel.org/all/20250815195616.64497967@chagall.paradoxon.rec/ [1]
Fixes: ff7ec8dc1b ("proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al")
Signed-off-by: wangzijie <wangzijie1@honor.com>
Reported-by: Lars Wendler <polynomial-c@gmx.de>
Tested-by: Stefano Brivio <sbrivio@redhat.com>
Tested-by: Petr Vaněk <pv@excello.cz>
Tested by: Lars Wendler <polynomial-c@gmx.de>
Cc: Alexei Starovoitov <ast@kernel.org>
Cc: Alexey Dobriyan <adobriyan@gmail.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: "Edgecombe, Rick P" <rick.p.edgecombe@intel.com>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Jiri Slaby <jirislaby@kernel.org>
Cc: Kirill A. Shutemov <k.shutemov@gmail.com>
Cc: wangzijie <wangzijie1@honor.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
 		2025-08-27 22:45:44 -07:00
..
Kconfig virtio-mem: support CONFIG_PROC_VMCORE_DEVICE_RAM 2025-01-27 09:39:25 -05:00
Makefile
array.c fs/proc: do_task_stat: Fix ESP not readable during coredump 2025-01-04 10:12:18 +01:00
base.c hardening updates for v6.17-rc1 2025-07-28 17:16:12 -07:00
bootconfig.c
cmdline.c
consoles.c
cpuinfo.c
devices.c
fd.c proc_fd_getattr(): don't bother with S_ISDIR() check 2025-06-16 16:21:07 +02:00
fd.h
generic.c proc: fix missing pde_set_flags() for net proc files 2025-08-27 22:45:44 -07:00
inode.c proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al 2025-07-09 22:42:01 -07:00
internal.h Summary of significant series in this pull request: 2025-07-31 14:57:54 -07:00
interrupts.c fs/procfs: Switch to irq_get_nr_irqs() 2024-10-16 21:56:59 +02:00
kcore.c crash: Use note name macros 2025-02-10 16:56:58 -08:00
kmsg.c
loadavg.c
meminfo.c mm, vmstat: remove the NR_WRITEBACK_TEMP node_stat_item counter 2025-07-19 18:59:47 -07:00
namespaces.c switch procfs from d_set_d_op() to d_splice_alias_ops() 2025-06-10 22:13:52 -04:00
nommu.c
page.c fs: stable_page_flags(): use snapshot_page() 2025-07-24 19:12:35 -07:00
proc_net.c
proc_sysctl.c Current exclusion rules for ->d_flags stores are rather unpleasant. 2025-07-28 09:17:57 -07:00
proc_tty.c
root.c uapi: export PROCFS_ROOT_INO 2025-07-10 09:39:18 +02:00
self.c
softirqs.c proc/softirqs: replace seq_printf with seq_put_decimal_ull_width 2024-11-07 07:40:14 -10:00
stat.c fs/procfs: Switch to irq_get_nr_irqs() 2024-10-16 21:56:59 +02:00
task_mmu.c proc: proc_maps_open allow proc_mem_open to return NULL 2025-08-11 23:01:00 -07:00
task_nommu.c proc: fix the issue of proc_mem_open returning NULL 2025-05-11 17:54:05 -07:00
thread_self.c
uptime.c
util.c
version.c
vmcore.c fs/proc/vmcore: a few cleanups for vmcore_add_device_dump() 2025-07-09 22:57:56 -07:00