Cc: <linux-kernel@...>, Andrew Morton <akpm@...>, Thomas Gleixner <tglx@...>, Ingo Molnar <mingo@...>, H. Peter Anvin <hpa@...>, Alexander Viro <viro@...>
Prevents side effects from non vmalloc and non userspace page faults for
sys_mount of root filesystem with automatic fs_type detection.
do_mount_root should call with page alignment buffer. The underlaying
sys_mount does copy 4096 bytes from given parameter with function
exact_copy_from_user, and the page after "fs_names+4096" can be mapped
or not. The fault handler can never map it, address is not from vmalloc.
Signed-off-by: Henry Nestler <henry.ne@arcor.de>
---
Ingo Molnar wrote:
The patch is a nice to have, if the fault handler works properly.
I'm not shure with the VFS fix. The change only has effect for x86 and
x86_64. I'm afraid. Mostly other architectures no need to change. I
would only public the base of the problem. Perhaps no need to change here.
Sorry, was wrong copy&paste.
===================================
diff --git a/init/do_mounts.c b/init/do_mounts.c
index 3885e70..c730511 100644
--- a/init/do_mounts.c
+++ b/init/do_mounts.c
@@ -204,6 +204,7 @@ static int __init do_mount_root(char *name, char
*fs, int flags, void *data)
void __init mount_block_root(char *name, int flags)
{
char *fs_names = __getname();
+ char *fs_type = __getname();
char *p;
#ifdef CONFIG_BLOCK
char b[BDEVNAME_SIZE];
@@ -214,7 +215,12 @@ void __init mount_block_root(char *name, int flags)
get_fs_names(fs_names);
retry:
for (p = fs_names; *p; p += strlen(p)+1) {
- int err = do_mount_root(name, p, flags, root_mount_data);
+ int err;
+
+ /* fs_type must size >= PAGE_SIZE or in user space */
+ strcpy(fs_type, p);
+
+ err = do_mount_root(name, fs_type, flags, root_mount_data);
switch (err) {
case 0:
goto out;
@@ -251,6 +257,7 @@ retry:
#endif
panic("VFS: Unable to mount root fs on %s", b);
out:
+ putname(fs_type);
putname(fs_names);
}
--
