]> www.infradead.org Git - users/jedix/linux-maple.git/commit
projects / users / jedix / linux-maple.git / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: e31f0a5) | patch
fuse: fix UAF in rcu pathwalks
authorAl Viro <viro@zeniv.linux.org.uk>
Thu, 28 Sep 2023 04:19:39 +0000 (00:19 -0400)
committerAl Viro <viro@zeniv.linux.org.uk>
Sun, 25 Feb 2024 07:10:32 +0000 (02:10 -0500)
commit053fc4f755ad43cf35210677bcba798ccdc48d0c
tree9a05104524fe0f42cf0071bc5619ab17dbca5b72tree
parente31f0a57ae1ab2f6e17adb8e602bc120ad722232commit | diff
fuse: fix UAF in rcu pathwalks

->permission(), ->get_link() and ->inode_get_acl() might dereference
->s_fs_info (and, in case of ->permission(), ->s_fs_info->fc->user_ns
as well) when called from rcu pathwalk.

Freeing ->s_fs_info->fc is rcu-delayed; we need to make freeing ->s_fs_info
and dropping ->user_ns rcu-delayed too.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
fs/fuse/cuse.c diff | blob | history
fs/fuse/fuse_i.h diff | blob | history
fs/fuse/inode.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.