Commit 9e55f15d authored by Alban Crequy's avatar Alban Crequy Committed by Ben Hutchings

cgroup: reject cgroup names with '

'

commit 71b1fb5c upstream.

/proc/<pid>/cgroup contains one cgroup path on each line. If cgroup names are
allowed to contain "\n", applications cannot parse /proc/<pid>/cgroup safely.
Signed-off-by: default avatarAlban Crequy <alban.crequy@collabora.co.uk>
Signed-off-by: default avatarTejun Heo <tj@kernel.org>
[bwh: Backported to 3.2:
 - Adjust context
 - We have to get the name from the dentry pointer]
Signed-off-by: default avatarBen Hutchings <ben@decadent.org.uk>
parent ba895cc6
...@@ -3871,6 +3871,11 @@ static int cgroup_mkdir(struct inode *dir, struct dentry *dentry, int mode) ...@@ -3871,6 +3871,11 @@ static int cgroup_mkdir(struct inode *dir, struct dentry *dentry, int mode)
{ {
struct cgroup *c_parent = dentry->d_parent->d_fsdata; struct cgroup *c_parent = dentry->d_parent->d_fsdata;
/* Do not accept '\n' to prevent making /proc/<pid>/cgroup unparsable.
*/
if (strchr(dentry->d_name.name, '\n'))
return -EINVAL;
/* the vfs holds inode->i_mutex already */ /* the vfs holds inode->i_mutex already */
return cgroup_create(c_parent, dentry, mode | S_IFDIR); return cgroup_create(c_parent, dentry, mode | S_IFDIR);
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment