shinys000114/linux
1
0
Fork 0
mirror of https://github.com/hardkernel/linux.git synced 2026-06-11 13:27:06 +09:00
Code Issues Packages Projects Releases Wiki Activity

tracefs: Fix potential null dereference in default_file_open()

Browse Source 
Closes: #934304
This commit is contained in:
Ben Hutchings
2019-08-12 01:31:15 +01:00
parent 14b85809b4
commit cc3db3636e
3 changed files with 32 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
debian/changelog vendored
View File

@@ -5,6 +5,8 @@ linux (5.2.7-2) UNRELEASED; urgency=medium
[ Ben Hutchings ]
* [armel] fb-modules: Remove xgifb, which was removed upstream (fixes FTBFS)
* tracefs: Fix potential null dereference in default_file_open()
(Closes: #934304)
-- Salvatore Bonaccorso <carnil@debian.org> Sun, 11 Aug 2019 14:14:00 +0200

29
debian/patches/features/all/lockdown/tracefs-fix-potential-null-dereference-in-default_fi.patch vendored Normal file
View File

@@ -0,0 +1,29 @@
From: Ben Hutchings <ben@decadent.org.uk>
Date: Mon, 12 Aug 2019 01:17:32 +0100
Subject: tracefs: Fix potential null dereference in default_file_open()
Bug-Debian: https://bugs.debian.org/934304
Forwarded: https://lore.kernel.org/linux-security-module/20190812002833.2zij7tfsqtpvqu3a@decadent.org.uk/
The "open" operation in struct file_operations is optional, and
ftrace_event_id_fops does not set it. In default_file_open(), after
all other checks have passed, return 0 if the underlying struct
file_operations does not implement open.
Fixes: 757ff7244358 ("tracefs: Restrict tracefs when the kernel is …")
References: https://bugs.debian.org/934304
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
---
fs/tracefs/inode.c | 2 ++
1 file changed, 2 insertions(+)
--- a/fs/tracefs/inode.c
+++ b/fs/tracefs/inode.c
@@ -41,6 +41,8 @@ static int default_open_file(struct inod
return -EPERM;
real_fops = dentry->d_fsdata;
+ if (!real_fops->open)
+ return 0;
return real_fops->open(inode, filp);
}

1
debian/patches/series vendored
View File

@@ -120,6 +120,7 @@ features/all/lockdown/0028-efi-Add-an-EFI_SECURE_BOOT-flag-to-indicate-secure-b.
features/all/lockdown/0029-efi-Lock-down-the-kernel-if-booted-in-secure-boot-mo.patch
features/all/lockdown/0030-lockdown-Print-current-comm-in-restriction-messages.patch
features/all/lockdown/0031-tracefs-Restrict-tracefs-when-the-kernel-is-locked-d.patch
features/all/lockdown/tracefs-fix-potential-null-dereference-in-default_fi.patch
features/all/lockdown/0032-efi-Restrict-efivar_ssdt_load-when-the-kernel-is-loc.patch
# some missing pieces
features/all/lockdown/enable-cold-boot-attack-mitigation.patch