diff options
author | Eric Biggers <ebiggers@google.com> | 2017-03-31 20:31:32 +0300 |
---|---|---|
committer | Al Viro <viro@zeniv.linux.org.uk> | 2017-04-03 08:05:56 +0300 |
commit | 8c7493aa3e9ae90f90196f4d4c1398ad143cba7b (patch) | |
tree | 1639352862be76cb08c7b04f64a71008aeab18b9 /fs | |
parent | 75dd7e4bb663c7047c7d1bd4dad26f8c048851be (diff) | |
download | linux-8c7493aa3e9ae90f90196f4d4c1398ad143cba7b.tar.xz |
statx: reject unknown flags when using NULL path
The statx() system call currently accepts unknown flags when called with
a NULL path to operate on a file descriptor. Left unchanged, this could
make it hard to introduce new query flags in the future, since
applications may not be able to tell whether a given flag is supported.
Fix this by failing the system call with EINVAL if any flags other than
KSTAT_QUERY_FLAGS are specified in combination with a NULL path.
Arguably, we could still permit known lookup-related flags such as
AT_SYMLINK_NOFOLLOW. However, that would be inconsistent with how
sys_utimensat() behaves when passed a NULL path, which seems to be the
closest precedent. And given that the NULL path case is (I believe)
mainly intended to be used to implement a wrapper function like fstatx()
that doesn't have a path argument, I think rejecting lookup-related
flags too is probably the best choice.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'fs')
-rw-r--r-- | fs/stat.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/fs/stat.c b/fs/stat.c index fa0be59340cc..df484a60846d 100644 --- a/fs/stat.c +++ b/fs/stat.c @@ -130,9 +130,13 @@ EXPORT_SYMBOL(vfs_getattr); int vfs_statx_fd(unsigned int fd, struct kstat *stat, u32 request_mask, unsigned int query_flags) { - struct fd f = fdget_raw(fd); + struct fd f; int error = -EBADF; + if (query_flags & ~KSTAT_QUERY_FLAGS) + return -EINVAL; + + f = fdget_raw(fd); if (f.file) { error = vfs_getattr(&f.file->f_path, stat, request_mask, query_flags); |