Commit 1d0cffa
committed
cifs: do not allow creating sockets except with SMB1 posix exensions
RHBZ: 1453123
Since at least the 3.10 kernel and likely a lot earlier we have
not been able to create unix domain sockets in a cifs share
when mounted using the SFU mount option (except when mounted
with the cifs unix extensions to Samba e.g.)
Trying to create a socket, for example using the af_unix command from
xfstests will cause :
BUG: unable to handle kernel NULL pointer dereference at 00000000
00000040
Since no one uses or depends on being able to create unix domains sockets
on a cifs share the easiest fix to stop this vulnerability is to simply
not allow creation of any other special files than char or block devices
when sfu is used.
Added update to Ronnie's patch to handle a tcon link leak, and
to address a buf leak noticed by Gustavo and Colin.
Acked-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
CC: Colin Ian King <colin.king@canonical.com>
Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>
Reported-by: Eryu Guan <eguan@redhat.com>
Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
Signed-off-by: Steve French <smfrench@gmail.com>
Cc: stable@vger.kernel.org1 parent ff30b89 commit 1d0cffa
1 file changed
+5
-4
lines changed| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
684 | 684 | | |
685 | 685 | | |
686 | 686 | | |
| 687 | + | |
| 688 | + | |
| 689 | + | |
687 | 690 | | |
688 | 691 | | |
689 | 692 | | |
| |||
692 | 695 | | |
693 | 696 | | |
694 | 697 | | |
695 | | - | |
696 | 698 | | |
697 | | - | |
698 | | - | |
| 699 | + | |
699 | 700 | | |
700 | 701 | | |
701 | 702 | | |
| |||
742 | 743 | | |
743 | 744 | | |
744 | 745 | | |
745 | | - | |
| 746 | + | |
746 | 747 | | |
747 | 748 | | |
748 | 749 | | |
| |||
0 commit comments