Do not allow creation of char or block special nodes with VNOVAL dev_t.
As was reported on http://seclists.org/oss-sec/2016/q3/68, tmpfs code contains an assertion that rdev != VNOVAL. On FreeBSD, there are no other consequences except triggering the assert. To be compatible with systems where device nodes have some significance, reject mknod(2) calls with dev == VNOVAL at the syscall level.

Sponsored by: The FreeBSD Foundation
MFC after: 1 week
parent d745ae11c9
commit d7e8cfd63d
@ -1167,6 +1167,8 @@ kern_mknodat(struct thread *td, int fd, char *path, enum uio_seg pathseg,
|
|||||||
case S_IFCHR:
|
case S_IFCHR:
|
||||||
case S_IFBLK:
|
case S_IFBLK:
|
||||||
error = priv_check(td, PRIV_VFS_MKNOD_DEV);
|
error = priv_check(td, PRIV_VFS_MKNOD_DEV);
|
||||||
|
if (error == 0 && dev == VNOVAL)
|
||||||
|
error = EINVAL;
|
||||||
break;
|
break;
|
||||||
case S_IFMT:
|
case S_IFMT:
|
||||||
error = priv_check(td, PRIV_VFS_MKNOD_BAD);
|
error = priv_check(td, PRIV_VFS_MKNOD_BAD);
|
||||||
|
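Review bot: The added check under the S_IFCHR/S_IFBLK cases, `if (error == 0 && dev == VNOVAL)` followed by `error = EINVAL;`, has no comment saying why VNOVAL is rejected, so a later reader of kern_mknodat() has nothing linking it to the tmpfs assertion named in the commit message. A one-line comment above the test would help, and the new EINVAL return for dev == VNOVAL should also be listed in the mknod(2) errors. Running the test only after priv_check(td, PRIV_VFS_MKNOD_DEV) succeeds is the right order, since a caller without the privilege still gets the privilege error and learns nothing about argument validation. The S_IFMT case directly below is left unchanged; if that is intentional because dev carries no meaning for that node type, it would be worth saying so in the same comment.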