[Devel] [PATCH RHEL9 COMMIT] dm-ploop: validate file descriptors more strictly

Mon, 17 Oct 2022 06:30:27 -0700 

The commit is pushed to "branch-rh9-5.14.0-70.22.1.vz9.17.x-ovz" and will 
appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh9-5.14.0-70.22.1.vz9.17.8
------>
commit 5fa5b2c4371e75d24a19e8061dc1bc84c66d0dff
Author: Alexander Atanasov <alexander.atana...@virtuozzo.com>
Date:   Tue Sep 20 11:26:07 2022 +0300

    dm-ploop: validate file descriptors more strictly
    
     * Check if file is opened with O_DIRECT.
     * Check if the file is a regular file.
     * If missing read permission return EACCES instead of EBADF.
     * Add error messages.
    
    https://jira.sw.ru/browse/PSBM-142046
    Signed-off-by: Alexander Atanasov <alexander.atana...@virtuozzo.com>
---
 drivers/md/dm-ploop-target.c | 36 ++++++++++++++++++++++++++++++------
 1 file changed, 30 insertions(+), 6 deletions(-)

diff --git a/drivers/md/dm-ploop-target.c b/drivers/md/dm-ploop-target.c
index 4b50487b7fb5..1db5055c2e39 100644
--- a/drivers/md/dm-ploop-target.c
+++ b/drivers/md/dm-ploop-target.c
@@ -185,19 +185,43 @@ static void ploop_destroy(struct ploop *ploop)
        kfree(ploop);
 }
 
-static struct file *ploop_get_delta_file(int fd)
+static struct file *ploop_get_delta_file(struct ploop *ploop, int fd)
 {
+       struct dm_target *ti = ploop->ti;
        struct file *file;
+       int ret;
 
        file = fget(fd);
-       if (!file)
-               return ERR_PTR(-ENOENT);
+       if (!file) {
+               ti->error = "No image file set";
+               ret = -ENOENT;
+               goto out;
+       }
+
+       if (!S_ISREG(file_inode(file)->i_mode)) {
+               ti->error = "Image file is not a regular file";
+               ret = -EINVAL;
+               goto out_err;
+       }
+
+       if (!(file->f_flags & O_DIRECT)) {
+               ti->error = "Image file is opened in cached mode";
+               ret = -EINVAL;
+               goto out_err;
+       }
+
        if (!(file->f_mode & FMODE_READ)) {
-               fput(file);
-               return ERR_PTR(-EBADF);
+               ti->error = "Image file is opened with READ flag missing";
+               ret = -EACCES;
+               goto out_err;
        }
 
        return file;
+out_err:
+       fput(file);
+out:
+       return ERR_PTR(ret);
+
 }
 ALLOW_ERROR_INJECTION(ploop_get_delta_file, ERRNO_NULL);
 
@@ -274,7 +298,7 @@ static int ploop_add_deltas_stack(struct ploop *ploop, char 
**argv, int argc)
                if (kstrtos32(arg, 10, &delta_fd) < 0)
                        goto out;
 
-               file = ploop_get_delta_file(delta_fd);
+               file = ploop_get_delta_file(ploop, delta_fd);
                if (IS_ERR(file)) {
                        ret = PTR_ERR(file);
                        goto out;
_______________________________________________
Devel mailing list
Devel@openvz.org
https://lists.openvz.org/mailman/listinfo/devel

Reply via email to