diff options
author | Li Zefan <lizf@cn.fujitsu.com> | 2008-11-19 15:36:48 -0800 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2008-11-19 18:50:00 -0800 |
commit | 33d283bef23132c48195eafc21449f8ba88fce6b (patch) | |
tree | e4a04851127f2f46122cb96fc13e8da71a7bcf10 /kernel | |
parent | ea7e743e49b94749fc739baaf160809ed279aeda (diff) | |
download | linux-33d283bef23132c48195eafc21449f8ba88fce6b.tar.gz linux-33d283bef23132c48195eafc21449f8ba88fce6b.tar.bz2 linux-33d283bef23132c48195eafc21449f8ba88fce6b.zip |
cgroups: fix a serious bug in cgroupstats
Try this, and you'll get oops immediately:
# cd Documentation/accounting/
# gcc -o getdelays getdelays.c
# mount -t cgroup -o debug xxx /mnt
# ./getdelays -C /mnt/tasks
Because a normal file's dentry->d_fsdata is a pointer to struct cftype,
not struct cgroup.
After the patch, it returns EINVAL if we try to get cgroupstats
from a normal file.
Cc: Balbir Singh <balbir@linux.vnet.ibm.com>
Signed-off-by: Li Zefan <lizf@cn.fujitsu.com>
Acked-by: Paul Menage <menage@google.com>
Cc: <stable@kernel.org> [2.6.25.x, 2.6.26.x, 2.6.27.x]
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'kernel')
-rw-r--r-- | kernel/cgroup.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/kernel/cgroup.c b/kernel/cgroup.c index 1a06be61dcd0..fe00b3b983a8 100644 --- a/kernel/cgroup.c +++ b/kernel/cgroup.c @@ -2039,10 +2039,13 @@ int cgroupstats_build(struct cgroupstats *stats, struct dentry *dentry) struct cgroup *cgrp; struct cgroup_iter it; struct task_struct *tsk; + /* - * Validate dentry by checking the superblock operations + * Validate dentry by checking the superblock operations, + * and make sure it's a directory. */ - if (dentry->d_sb->s_op != &cgroup_ops) + if (dentry->d_sb->s_op != &cgroup_ops || + !S_ISDIR(dentry->d_inode->i_mode)) goto err; ret = 0; |