On Tue, Feb 11, 2025 at 06:16:00PM +0100, Christian Brauner wrote:
There's no point in allowing anything kernel internal nor procfs or sysfs.
- /* Exclude kernel kernel internal filesystems. */
- if (file_inode(file)->i_sb->s_flags & (SB_NOUSER | SB_KERNMOUNT)) {
kfree(acct);
filp_close(file, NULL);
return -EINVAL;
- }
- /* Exclude procfs and sysfs. */
- if (file_inode(file)->i_sb->s_iflags & SB_I_USERNS_VISIBLE) {
kfree(acct);
filp_close(file, NULL);
return -EINVAL;
- }
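Review bot: In the second check the comment says "Exclude procfs and sysfs" while the condition tests `s_iflags & SB_I_USERNS_VISIBLE`, so the hunk does not show why that flag identifies those two filesystems or whether it can match others. Extend the comment to state the reasoning, or move the test into a named helper. The first comment has a doubled word ("kernel kernel"). Both branches repeat the same `kfree(acct); filp_close(file, NULL); return -EINVAL;` sequence, so they could be joined into one condition or share a single error path.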
That looks like a really weird way to test it, especially the second part...