alistair23-linux/fs
Ben Hutchings 40a2159abf sysfs: Disallow truncation of files in sysfs
sysfs allows attribute files to be truncated, e.g. using ftruncate(), with the
expected effect on their inode.  For most attributes, this doesn't change the
"real" size of the file i.e. how much can be read from it.  However, the
parameter validation for reading and writing binary attribute files is based
on the inode size and not the size specified in the file's bin_attribute, so it
can be broken by this. For example, if we try using dd to write to such a file:

# pwd
/sys/bus/pci/devices/0000:08:00.0
# ls -l config
-rw-r--r--  1 root root 4096 Feb  1 17:35 config
# dd if=/dev/zero of=config bs=4 count=1
1+0 records in
1+0 records out
# ls -l config
-rw-r--r--  1 root root 0 Feb  1 17:50 config
# dd if=/dev/zero of=config bs=4 count=1 seek=128
dd: writing `config': No space left on device
1+0 records in
0+0 records out

Also, after truncation to 0, parameter validation for read and write is
disabled.  Most bin_attribute read and write methods also validate the size and
offset, but for some this will allow out-of-range access.  This may be a
security issue, though access to such files is often limited to root.  In any
case, the validation should remain for safety's sake!

This was previously reported in Bugzilla as bug 9867.

sysfs should ignore size changes or else refuse them (by returning -EINVAL).
This patch makes it ignore them.

Signed-off-by: Ben Hutchings <bhutchings@solarflare.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-04-30 16:52:46 -07:00
9p [PATCH] restore sane ->umount_begin() API 2008-04-25 09:23:25 -04:00
adfs fs: replace remaining __FUNCTION__ occurrences 2008-04-30 08:29:54 -07:00
affs affs: be*_add_cpu conversion 2008-04-30 08:29:51 -07:00
afs afs: replace remaining __FUNCTION__ occurrences 2008-04-30 08:29:54 -07:00
autofs
autofs4 fs: replace remaining __FUNCTION__ occurrences 2008-04-30 08:29:54 -07:00
befs befs: fix sparse warning in linuxvfs.c 2008-04-29 08:05:59 -07:00
bfs fs: replace remaining __FUNCTION__ occurrences 2008-04-30 08:29:54 -07:00
cifs proc: remove proc_root_fs 2008-04-29 08:06:18 -07:00
coda codafs: fix build warning 2008-04-29 08:06:04 -07:00
configfs fs: replace remaining __FUNCTION__ occurrences 2008-04-30 08:29:54 -07:00
cramfs
debugfs
devpts devpts: factor out PTY index allocation 2008-04-30 08:29:48 -07:00
dlm fs: replace remaining __FUNCTION__ occurrences 2008-04-30 08:29:54 -07:00
ecryptfs Remove duplicated unlikely() in IS_ERR() 2008-04-29 08:06:25 -07:00
efs
exportfs fs: replace remaining __FUNCTION__ occurrences 2008-04-30 08:29:54 -07:00
ext2 ext2: retry block allocation if new blocks are allocated from system zone 2008-04-28 08:58:43 -07:00
ext3 ext3: fix test ext_generic_write_end() copied return value 2008-04-29 22:01:27 -04:00
ext4 ext4: fix test ext_generic_write_end() copied return value 2008-04-29 22:01:18 -04:00
fat fs: replace remaining __FUNCTION__ occurrences 2008-04-30 08:29:54 -07:00
freevxfs fs/freevxfs/: proper externs 2008-04-29 08:06:00 -07:00
fuse fuse: fix sparse warnings 2008-04-30 08:29:51 -07:00
gfs2 fs: replace remaining __FUNCTION__ occurrences 2008-04-30 08:29:54 -07:00
hfs hfs: fix warning with 64k PAGE_SIZE 2008-04-30 08:29:52 -07:00
hfsplus hfsplus: fix warning with 64k PAGE_SIZE 2008-04-30 08:29:52 -07:00
hostfs
hpfs
hppfs
hugetlbfs mm: bdi: add separate writeback accounting capability 2008-04-30 08:29:50 -07:00
isofs isofs: fix access to unallocated memory when reading corrupted filesystem 2008-04-30 08:29:33 -07:00
jbd jbd: replace remaining __FUNCTION__ occurrences 2008-04-28 08:58:45 -07:00
jbd2 jbd2: use non-racy method for proc entries creation 2008-04-29 08:06:20 -07:00
jffs2 fs: replace remaining __FUNCTION__ occurrences 2008-04-30 08:29:54 -07:00
jfs proc: remove proc_root_fs 2008-04-29 08:06:18 -07:00
lockd fs: replace remaining __FUNCTION__ occurrences 2008-04-30 08:29:54 -07:00
minix
msdos fs: replace remaining __FUNCTION__ occurrences 2008-04-30 08:29:54 -07:00
ncpfs ncpfs: use get/put_unaligned_* helpers 2008-04-29 08:06:28 -07:00
nfs mm: bdi: expose the BDI object in sysfs for NFS 2008-04-30 08:29:49 -07:00
nfs_common
nfsd fs: replace remaining __FUNCTION__ occurrences 2008-04-30 08:29:54 -07:00
nls
ntfs fs: replace remaining __FUNCTION__ occurrences 2008-04-30 08:29:54 -07:00
ocfs2 mm: bdi: add separate writeback accounting capability 2008-04-30 08:29:50 -07:00
openpromfs
partitions fs: replace remaining __FUNCTION__ occurrences 2008-04-30 08:29:54 -07:00
proc mm: Add NR_WRITEBACK_TEMP counter 2008-04-30 08:29:50 -07:00
qnx4
ramfs mm: bdi: add separate writeback accounting capability 2008-04-30 08:29:50 -07:00
reiserfs reiserfs: use open_bdev_excl 2008-04-30 08:29:51 -07:00
romfs
smbfs fs: replace remaining __FUNCTION__ occurrences 2008-04-30 08:29:54 -07:00
sysfs sysfs: Disallow truncation of files in sysfs 2008-04-30 16:52:46 -07:00
sysv sysv: [bl]e*_add_cpu conversion 2008-04-30 08:29:52 -07:00
udf fs: replace remaining __FUNCTION__ occurrences 2008-04-30 08:29:54 -07:00
ufs ufs: replace __inline with inline 2008-04-28 08:58:45 -07:00
vfat fs: replace remaining __FUNCTION__ occurrences 2008-04-30 08:29:54 -07:00
xfs [XFS] Include linux/random.h in all builds, not just debug. 2008-04-30 07:53:50 -07:00
aio.c debugobjects: add timer specific object debugging code 2008-04-30 08:29:53 -07:00
anon_inodes.c
attr.c
bad_inode.c
binfmt_aout.c fs/binfmt_aout.c: use printk_ratelimit() 2008-04-29 08:06:04 -07:00
binfmt_elf.c elf: fix shadowed variables in fs/binfmt_elf.c 2008-04-29 08:06:16 -07:00
binfmt_elf_fdpic.c fdpic: check that the size returned by kernel_read() is what we asked for 2008-04-29 08:06:05 -07:00
binfmt_em86.c binfmt_misc.c: avoid potential kernel stack overflow 2008-04-29 08:06:04 -07:00
binfmt_flat.c procfs task exe symlink 2008-04-29 08:06:17 -07:00
binfmt_misc.c binfmt_misc.c: avoid potential kernel stack overflow 2008-04-29 08:06:04 -07:00
binfmt_script.c binfmt_misc.c: avoid potential kernel stack overflow 2008-04-29 08:06:04 -07:00
binfmt_som.c [PATCH] sanitize handling of shared descriptor tables in failing execve() 2008-04-25 09:23:53 -04:00
bio.c block: add dma alignment and padding support to blk_rq_map_kern 2008-04-29 09:50:34 +02:00
block_dev.c
buffer.c fs: replace remaining __FUNCTION__ occurrences 2008-04-30 08:29:54 -07:00
char_dev.c fs: remove unused fops from struct char_device_struct 2008-04-29 08:06:01 -07:00
compat.c signals: use HAVE_SET_RESTORE_SIGMASK 2008-04-30 08:29:37 -07:00
compat_binfmt_elf.c
compat_ioctl.c tty: The big operations rework 2008-04-30 08:29:47 -07:00
dcache.c [patch 2/7] vfs: mountinfo: add seq_file_root() 2008-04-23 00:04:38 -04:00
dcookies.c
direct-io.c
dnotify.c
dquot.c quota: quota core changes for quotaon on remount 2008-04-28 08:58:33 -07:00
drop_caches.c vfs: skip inodes without pages to free in drop_pagecache_sb() 2008-04-29 08:06:05 -07:00
eventfd.c
eventpoll.c signals: use HAVE_SET_RESTORE_SIGMASK 2008-04-30 08:29:37 -07:00
exec.c document de_thread() with exit_notify() connection 2008-04-30 08:29:38 -07:00
fcntl.c [PATCH] sanitize locate_fd() 2008-04-25 09:24:05 -04:00
fifo.c
file.c
file_table.c [PATCH] r/o bind mounts: debugging for missed calls 2008-04-19 00:29:28 -04:00
filesystems.c
fs-writeback.c fs/fs-writeback.c: make 2 functions static 2008-04-29 08:06:00 -07:00
generic_acl.c
inode.c fs/inode.c: use hlist_for_each_entry() 2008-04-29 08:06:06 -07:00
inotify.c
inotify_user.c Remove duplicated unlikely() in IS_ERR() 2008-04-29 08:06:25 -07:00
internal.h [PATCH] move a bunch of declarations to fs/internal.h 2008-04-21 23:11:01 -04:00
ioctl.c make vfs_ioctl() static 2008-04-29 08:06:00 -07:00
ioprio.c
Kconfig [S390] System z large page support. 2008-04-30 13:38:47 +02:00
Kconfig.binfmt make BINFMT_FLAT a bool 2008-04-29 08:06:01 -07:00
libfs.c
locks.c Export __locks_copy_lock() so modular lockd builds 2008-04-25 15:49:46 -07:00
Makefile
mbcache.c
mpage.c
namei.c cgroups: implement device whitelist 2008-04-29 08:06:09 -07:00
namespace.c fs: replace remaining __FUNCTION__ occurrences 2008-04-30 08:29:54 -07:00
nfsctl.c
no-block.c
open.c xip: support non-struct page backed memory 2008-04-28 08:58:23 -07:00
pipe.c [PATCH] double-free of inode on alloc_file() failure exit in create_write_pipe() 2008-04-22 19:54:57 -04:00
pnode.c [patch 7/7] vfs: mountinfo: show dominating group id 2008-04-23 00:05:09 -04:00
pnode.h [patch 7/7] vfs: mountinfo: show dominating group id 2008-04-23 00:05:09 -04:00
posix_acl.c
quota.c quota: quota core changes for quotaon on remount 2008-04-28 08:58:33 -07:00
quota_v1.c quota: do not allow setting of quota limits to too high values 2008-04-28 08:58:32 -07:00
quota_v2.c quota: le*_add_cpu conversion 2008-04-30 08:29:51 -07:00
read_write.c fs: use loff_t type instead of long long 2008-04-22 15:17:11 -07:00
read_write.h
readdir.c
select.c signals: use HAVE_SET_RESTORE_SIGMASK 2008-04-30 08:29:37 -07:00
seq_file.c [patch 2/7] vfs: mountinfo: add seq_file_root() 2008-04-23 00:04:38 -04:00
signalfd.c
splice.c relay: fix splice problem 2008-04-29 09:48:15 +02:00
stack.c
stat.c
super.c make __put_super() static 2008-04-29 08:06:00 -07:00
sync.c vfs: fix unconditional write_super() call in file_fsync() 2008-04-29 08:06:06 -07:00
timerfd.c fs/timerfd.c should #include <linux/syscalls.h> 2008-04-29 08:06:01 -07:00
utimes.c [PATCH] r/o bind mounts: elevate write count for do_utimes() 2008-04-19 00:29:24 -04:00
xattr.c xattr: add missing consts to function arguments 2008-04-29 08:06:06 -07:00
xattr_acl.c