Commit f60d38cb authored by Edward Adam Davis's avatar Edward Adam Davis Committed by Christian Brauner

pidfs: when time ns disabled add check for ioctl

syzbot call pidfd_ioctl() with cmd "PIDFD_GET_TIME_NAMESPACE" and disabled
CONFIG_TIME_NS, since time_ns is NULL, it will make NULL ponter deref in
open_namespace.

Fixes: 5b08bd40 ("pidfs: allow retrieval of namespace file descriptors") # mainline only
Reported-and-tested-by: syzbot+34a0ee986f61f15da35d@syzkaller.appspotmail.com
Closes: https://syzkaller.appspot.com/bug?extid=34a0ee986f61f15da35dSigned-off-by: default avatarEdward Adam Davis <eadavis@qq.com>
Link: https://lore.kernel.org/r/tencent_7FAE8DB725EE0DD69236DDABDDDE195E4F07@qq.comSigned-off-by: default avatarChristian Brauner <brauner@kernel.org>
parent b40c8e7a
......@@ -168,6 +168,8 @@ static long pidfd_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
case PIDFD_GET_TIME_NAMESPACE:
get_time_ns(nsp->time_ns);
ns_common = to_ns_common(nsp->time_ns);
if (!nsp->time_ns)
return -EINVAL;
break;
case PIDFD_GET_TIME_FOR_CHILDREN_NAMESPACE:
get_time_ns(nsp->time_ns_for_children);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment