Message ID | 20180419000226.26479-2-lsahlber@redhat.com (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
diff --git a/fs/cifs/dir.c b/fs/cifs/dir.c index 81ba6e0d88d8..2ba68fcb6df3 100644 --- a/fs/cifs/dir.c +++ b/fs/cifs/dir.c @@ -637,6 +637,9 @@ int cifs_mknod(struct inode *inode, struct dentry *direntry, umode_t mode, struct win_dev *pdev; struct kvec iov[2]; + if (S_ISSOCK(mode)) + return -EINVAL; + if (!old_valid_dev(device_number)) return -EINVAL;
RHBZ: 1453123 Since at least the 3.10 kernel and likely a lot earlier we have not been able to create unix domain sockets in a cifs share. Trying to create a socket, for example using the af_unix command from xfstests will cause : BUG: unable to handle kernel NULL pointer dereference at 00000000 00000040 Since no one uses or depends on being able to create unix domains sockets on a cifs share the easiest fix to stop this vulnerability is to simply disallow creation of such sockets. Reported-by: Eryu Guan <eguan@redhat.com> Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com> --- fs/cifs/dir.c | 3 +++ 1 file changed, 3 insertions(+)