[PATCH RFC v3 05/10] coredump: validate socket name as it is written
From: Christian Brauner
Date: Mon May 05 2025 - 07:16:42 EST
In contrast to other parameters written into
/proc/sys/kernel/core_pattern that never fail we can validate enabling
the new AF_UNIX support. This is obviously racy as hell but it's always
been that way.
Signed-off-by: Christian Brauner <brauner@xxxxxxxxxx>
---
fs/coredump.c | 17 ++++++++++++++---
1 file changed, 14 insertions(+), 3 deletions(-)
diff --git a/fs/coredump.c b/fs/coredump.c
index c60f86c473ad..d3f12ba0f150 100644
--- a/fs/coredump.c
+++ b/fs/coredump.c
@@ -1183,10 +1183,21 @@ void validate_coredump_safety(void)
static int proc_dostring_coredump(const struct ctl_table *table, int write,
void *buffer, size_t *lenp, loff_t *ppos)
{
- int error = proc_dostring(table, write, buffer, lenp, ppos);
+ int error;
+ ssize_t retval;
+ char old_core_pattern[CORENAME_MAX_SIZE];
+
+ retval = strscpy(old_core_pattern, core_pattern, CORENAME_MAX_SIZE);
+
+ error = proc_dostring(table, write, buffer, lenp, ppos);
+ if (error)
+ return error;
+ if (core_pattern[0] == '@' && strcmp(core_pattern, "@linuxafsk/coredump.socket")) {
+ strscpy(core_pattern, old_core_pattern, retval + 1);
+ return -EINVAL;
+ }
- if (!error)
- validate_coredump_safety();
+ validate_coredump_safety();
return error;
}
--
2.47.2