torvalds/linux
torvalds/linux
2
0
Fork 0
mirror of git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2025-09-04 20:19:47 +08:00
Code
master
linux/fs/proc
History
wangzijie 2ce3d282bd proc: fix missing pde_set_flags() for net proc files 
To avoid potential UAF issues during module removal races, we use
pde_set_flags() to save proc_ops flags in PDE itself before
proc_register(), and then use pde_has_proc_*() helpers instead of directly
dereferencing pde->proc_ops->*.

However, the pde_set_flags() call was missing when creating net related
proc files.  This omission caused incorrect behavior which FMODE_LSEEK was
being cleared inappropriately in proc_reg_open() for net proc files.  Lars
reported it in this link[1].

Fix this by ensuring pde_set_flags() is called when register proc entry,
and add NULL check for proc_ops in pde_set_flags().

[wangzijie1@honor.com: stash pde->proc_ops in a local const variable, per Christian]
  Link: https://lkml.kernel.org/r/20250821105806.1453833-1-wangzijie1@honor.com
Link: https://lkml.kernel.org/r/20250818123102.959595-1-wangzijie1@honor.com
Link: https://lore.kernel.org/all/20250815195616.64497967@chagall.paradoxon.rec/ [1]
Fixes: ff7ec8dc1b ("proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al")
Signed-off-by: wangzijie <wangzijie1@honor.com>
Reported-by: Lars Wendler <polynomial-c@gmx.de>
Tested-by: Stefano Brivio <sbrivio@redhat.com>
Tested-by: Petr Vaněk <pv@excello.cz>
Tested by: Lars Wendler <polynomial-c@gmx.de>
Cc: Alexei Starovoitov <ast@kernel.org>
Cc: Alexey Dobriyan <adobriyan@gmail.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: "Edgecombe, Rick P" <rick.p.edgecombe@intel.com>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Jiri Slaby <jirislaby@kernel.org>
Cc: Kirill A. Shutemov <k.shutemov@gmail.com>
Cc: wangzijie <wangzijie1@honor.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
2025-08-27 22:45:44 -07:00
..
array.c fs/proc: do_task_stat: Fix ESP not readable during coredump 2025-01-04 10:12:18 +01:00
base.c hardening updates for v6.17-rc1 2025-07-28 17:16:12 -07:00
bootconfig.c fs/proc: Skip bootloader comment if no embedded kernel parameters 2024-04-09 23:36:18 +09:00
cmdline.c proc: mark /proc/cmdline as permanent 2023-02-02 22:50:02 -08:00
consoles.c proc: Add nbcon support for /proc/consoles 2024-09-04 15:56:33 +02:00
cpuinfo.c
devices.c proc: mark more files as permanent 2022-10-03 14:21:45 -07:00
fd.c proc_fd_getattr(): don't bother with S_ISDIR() check 2025-06-16 16:21:07 +02:00
fd.h fs: port ->permission() to pass mnt_idmap 2023-01-19 09:24:28 +01:00
generic.c proc: fix missing pde_set_flags() for net proc files 2025-08-27 22:45:44 -07:00
inode.c proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al 2025-07-09 22:42:01 -07:00
internal.h Summary of significant series in this pull request: 2025-07-31 14:57:54 -07:00
interrupts.c fs/procfs: Switch to irq_get_nr_irqs() 2024-10-16 21:56:59 +02:00
Kconfig virtio-mem: support CONFIG_PROC_VMCORE_DEVICE_RAM 2025-01-27 09:39:25 -05:00
kcore.c crash: Use note name macros 2025-02-10 16:56:58 -08:00
kmsg.c printk changes for 6.1 2022-10-10 11:24:19 -07:00
loadavg.c proc: mark more files as permanent 2022-10-03 14:21:45 -07:00
Makefile kbuild: make -Woverride-init warnings more consistent 2024-03-31 11:32:26 +09:00
meminfo.c mm, vmstat: remove the NR_WRITEBACK_TEMP node_stat_item counter 2025-07-19 18:59:47 -07:00
namespaces.c switch procfs from d_set_d_op() to d_splice_alias_ops() 2025-06-10 22:13:52 -04:00
nommu.c fs: create helper file_user_path() for user displayed mapped file path 2023-10-19 11:03:15 +02:00
page.c fs: stable_page_flags(): use snapshot_page() 2025-07-24 19:12:35 -07:00
proc_net.c fs: Add kernel-doc comments to proc_create_net_data_write() 2024-03-26 09:01:18 +01:00
proc_sysctl.c Current exclusion rules for ->d_flags stores are rather unpleasant. 2025-07-28 09:17:57 -07:00
proc_tty.c proc: delete unused <linux/uaccess.h> includes 2022-07-17 17:31:39 -07:00
root.c uapi: export PROCFS_ROOT_INO 2025-07-10 09:39:18 +02:00
self.c proc: convert to new timestamp accessors 2023-10-18 14:08:26 +02:00
softirqs.c proc/softirqs: replace seq_printf with seq_put_decimal_ull_width 2024-11-07 07:40:14 -10:00
stat.c fs/procfs: Switch to irq_get_nr_irqs() 2024-10-16 21:56:59 +02:00
task_mmu.c proc: proc_maps_open allow proc_mem_open to return NULL 2025-08-11 23:01:00 -07:00
task_nommu.c proc: fix the issue of proc_mem_open returning NULL 2025-05-11 17:54:05 -07:00
thread_self.c proc: convert to new timestamp accessors 2023-10-18 14:08:26 +02:00
uptime.c proc: mark more files as permanent 2022-10-03 14:21:45 -07:00
util.c
version.c proc: mark more files as permanent 2022-10-03 14:21:45 -07:00
vmcore.c fs/proc/vmcore: a few cleanups for vmcore_add_device_dump() 2025-07-09 22:57:56 -07:00