fs: Avoid userspace mounting anon_inodefs filesystem
authorJan Kara <jack@suse.cz>
Tue, 25 Mar 2014 20:37:09 +0000 (21:37 +0100)
committerLinus Torvalds <torvalds@linux-foundation.org>
Wed, 26 Mar 2014 00:42:16 +0000 (17:42 -0700)
anon_inodefs filesystem is a kernel internal filesystem userspace
shouldn't mess with. Remove registration of it so userspace cannot
even try to mount it (which would fail anyway because the filesystem is
MS_NOUSER).

This fixes an oops triggered by trinity when it tried mounting
anon_inodefs which overwrote anon_inode_inode pointer while other CPU
has been in anon_inode_getfile() between ihold() and d_instantiate().
Thus effectively creating dentry pointing to an inode without holding a
reference to it.

Reported-by: Sasha Levin <sasha.levin@oracle.com>
Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
fs/anon_inodes.c

index 24084732b1d0b264b5c3262796f1ec3dd5fc505f..4b4543b8b894124a0eb28496e9235d61328b3a8c 100644 (file)
@@ -177,9 +177,6 @@ static int __init anon_inode_init(void)
 {
        int error;
 
-       error = register_filesystem(&anon_inode_fs_type);
-       if (error)
-               goto err_exit;
        anon_inode_mnt = kern_mount(&anon_inode_fs_type);
        if (IS_ERR(anon_inode_mnt)) {
                error = PTR_ERR(anon_inode_mnt);