[linux] 03/04: fs: Move procfs/ecryptfs stacking check into ecryptfs, to avoid ABI change
debian-kernel at lists.debian.org
debian-kernel at lists.debian.org
Sat Dec 10 04:39:43 UTC 2016
This is an automated email from the git hooks/post-receive script.
benh pushed a commit to branch jessie
in repository linux.
commit f693d4d8878a2e32a5f99ffbe11403ed4c812466
Author: Ben Hutchings <ben at decadent.org.uk>
Date: Fri Dec 9 21:15:34 2016 +0000
fs: Move procfs/ecryptfs stacking check into ecryptfs, to avoid ABI change
---
debian/changelog | 1 +
...cfs-ecryptfs-stacking-check-into-ecryptfs.patch | 94 ++++++++++++++++++++++
debian/patches/series | 1 +
3 files changed, 96 insertions(+)
diff --git a/debian/changelog b/debian/changelog
index fc7ba0a..480f998 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -472,6 +472,7 @@ linux (3.16.39-1) UNRELEASED; urgency=medium
* [x86] video: Disable X86_SYSFB, FB_SIMPLE (Closes: #822575)
* Revert "ecryptfs: forbid opening files without mmap handler", redundant
with upstream fixes
+ * fs: Move procfs/ecryptfs stacking check into ecryptfs, to avoid ABI change
[ Julien Cristau ]
* hwrng: Add chaoskey driver, backported from 4.8 (Closes: #839616)
diff --git a/debian/patches/debian/fs-move-procfs-ecryptfs-stacking-check-into-ecryptfs.patch b/debian/patches/debian/fs-move-procfs-ecryptfs-stacking-check-into-ecryptfs.patch
new file mode 100644
index 0000000..4ed4352
--- /dev/null
+++ b/debian/patches/debian/fs-move-procfs-ecryptfs-stacking-check-into-ecryptfs.patch
@@ -0,0 +1,94 @@
+From: Ben Hutchings <ben at decadent.org.uk>
+Date: Mon, 17 Oct 2016 16:51:59 +0100
+Subject: fs: Move procfs/ecryptfs stacking check into ecryptfs
+Forwarded: not-needed
+
+The final upstream fix for CVE-2016-1583 relies on the
+super_block::s_stack_depth field which did not exist in 3.16, so that
+was added as part of the backport in 3.16.37. However, that addition
+changes ABI.
+
+Revert the changes to add and use s_stack_depth. Instead, make
+ecryptfs specifically prevent mounting on top of procfs, same as it
+already did for ecryptfs.
+
+We don't need to touch overlayfs since that doesn't exist here. We do
+have aufs, but that already prevents mounting on top of ecryptfs,
+procfs and itself. It's still possible to mount ecryptfs on top of
+aufs, but with only one layer of each, which is consistent with the
+upstream restriction to a total of 2 stacked layers.
+
+---
+--- a/fs/ecryptfs/main.c
++++ b/fs/ecryptfs/main.c
+@@ -538,10 +538,11 @@ static struct dentry *ecryptfs_mount(str
+ ecryptfs_printk(KERN_WARNING, "kern_path() failed\n");
+ goto out1;
+ }
+- if (path.dentry->d_sb->s_type == &ecryptfs_fs_type) {
++ if (path.dentry->d_sb->s_type == &ecryptfs_fs_type ||
++ path.dentry->d_sb->s_magic == PROC_SUPER_MAGIC) {
+ rc = -EINVAL;
+ printk(KERN_ERR "Mount on filesystem of type "
+- "eCryptfs explicitly disallowed due to "
++ "eCryptfs or procfs explicitly disallowed due to "
+ "known incompatibilities\n");
+ goto out_free;
+ }
+@@ -576,13 +577,6 @@ static struct dentry *ecryptfs_mount(str
+ s->s_maxbytes = path.dentry->d_sb->s_maxbytes;
+ s->s_blocksize = path.dentry->d_sb->s_blocksize;
+ s->s_magic = ECRYPTFS_SUPER_MAGIC;
+- s->s_stack_depth = path.dentry->d_sb->s_stack_depth + 1;
+-
+- rc = -EINVAL;
+- if (s->s_stack_depth > FILESYSTEM_MAX_STACK_DEPTH) {
+- pr_err("eCryptfs: maximum fs stacking depth exceeded\n");
+- goto out_free;
+- }
+
+ inode = ecryptfs_get_inode(path.dentry->d_inode, s);
+ rc = PTR_ERR(inode);
+--- a/fs/proc/root.c
++++ b/fs/proc/root.c
+@@ -121,13 +121,6 @@ static struct dentry *proc_mount(struct
+ if (IS_ERR(sb))
+ return ERR_CAST(sb);
+
+- /*
+- * procfs isn't actually a stacking filesystem; however, there is
+- * too much magic going on inside it to permit stacking things on
+- * top of it
+- */
+- sb->s_stack_depth = FILESYSTEM_MAX_STACK_DEPTH;
+-
+ if (!proc_parse_options(options, ns)) {
+ deactivate_locked_super(sb);
+ return ERR_PTR(-EINVAL);
+--- a/include/linux/fs.h
++++ b/include/linux/fs.h
+@@ -256,12 +256,6 @@ struct iattr {
+ */
+ #include <linux/quota.h>
+
+-/*
+- * Maximum number of layers of fs stack. Needs to be limited to
+- * prevent kernel stack overflow
+- */
+-#define FILESYSTEM_MAX_STACK_DEPTH 2
+-
+ /**
+ * enum positive_aop_returns - aop return codes with specific semantics
+ *
+@@ -1290,11 +1284,6 @@ struct super_block {
+ struct list_lru s_dentry_lru ____cacheline_aligned_in_smp;
+ struct list_lru s_inode_lru ____cacheline_aligned_in_smp;
+ struct rcu_head rcu;
+-
+- /*
+- * Indicates how deep in a filesystem stack this SB is
+- */
+- int s_stack_depth;
+ };
+
+ extern struct timespec current_fs_time(struct super_block *sb);
diff --git a/debian/patches/series b/debian/patches/series
index e39011c..ed0b8db 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -695,3 +695,4 @@ debian/bpf-fix-abi-change-in-3.16.35.patch
debian/fs-fix-abi-change-for-aufs-f_setfl-fix.patch
debian/migrate-fix-abi-change-in-3.16.36.patch
debian/sched-fix-abi-change-in-3.16.36.patch
+debian/fs-move-procfs-ecryptfs-stacking-check-into-ecryptfs.patch
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/kernel/linux.git
More information about the Kernel-svn-changes
mailing list