diff options
| author | Kees Cook <keescook@chromium.org> | 2024-05-03 13:16:25 -0700 | 
|---|---|---|
| committer | Christian Brauner <brauner@kernel.org> | 2024-05-04 11:42:01 +0200 | 
| commit | f6bdc7865ef4a7a4393c90a550c728231ebc853e (patch) | |
| tree | 133b569d8c2042107a36bb5608ee8f3ef726d838 /lib/test_fortify/write_overflow-strncpy-src.c | |
| parent | e035af9f6ebacd98774b1be2af58a5afd6d0d291 (diff) | |
fs: WARN when f_count resurrection is attempted
It should never happen that get_file() is called on a file with
f_count equal to zero. If this happens, a use-after-free condition
has happened[1], and we need to attempt a best-effort reporting of
the situation to help find the root cause more easily. Additionally,
this serves as a data corruption indicator that system owners using
warn_limit or panic_on_warn would like to have detected.
Link: https://lore.kernel.org/lkml/7c41cf3c-2a71-4dbb-8f34-0337890906fc@gmail.com/ [1]
Suggested-by: Peter Zijlstra <peterz@infradead.org>
Signed-off-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/20240503201620.work.651-kees@kernel.org
Signed-off-by: Christian Brauner <brauner@kernel.org>
Diffstat (limited to 'lib/test_fortify/write_overflow-strncpy-src.c')
0 files changed, 0 insertions, 0 deletions
