ecryptfs: don't allow mmap when the lower fs doesn't support it 02/118102/2
authorJeff Mahoney <jeffm@suse.com>
Tue, 5 Jul 2016 21:32:30 +0000 (17:32 -0400)
committerSeung-Woo Kim <sw0312.kim@samsung.com>
Thu, 9 Mar 2017 00:27:33 +0000 (16:27 -0800)
[ Upstream commit f0fe970df3838c202ef6c07a4c2b36838ef0a88b ]

There are legitimate reasons to disallow mmap on certain files, notably
in sysfs or procfs.  We shouldn't emulate mmap support on file systems
that don't offer support natively.

CVE-2016-1583

Signed-off-by: Jeff Mahoney <jeffm@suse.com>
Cc: stable@vger.kernel.org
[tyhicks: clean up f_op check by using ecryptfs_file_to_lower()]
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Signed-off-by: Sasha Levin <alexander.levin@verizon.com>
[mainline backport of commit 8c8e669bb8c5f690976883dd3b7a32d605c58d9a]
Change-Id: I47d4d1c3945782ff77bf58259fcafff4d2f7e7b3
Signed-off-by: Jaechul Lee <jcsing.lee@samsung.com>
fs/ecryptfs/file.c

index 03488e251fa7441d0450eef123f0ba4d717a3033..b036860afad89529fc077e44a8921c62d8e6928e 100644 (file)
@@ -267,6 +267,19 @@ int ecryptfs_propagate_fmpinfo(struct inode *inode, unsigned int flag)
 }
 #endif
 
+static int ecryptfs_mmap(struct file *file, struct vm_area_struct *vma)
+{
+       struct file *lower_file = ecryptfs_file_to_lower(file);
+       /*
+        * Don't allow mmap on top of file systems that don't support it
+        * natively.  If FILESYSTEM_MAX_STACK_DEPTH > 2 or ecryptfs
+        * allows recursive mounting, this will need to be extended.
+        */
+       if (!lower_file->f_op->mmap)
+               return -ENODEV;
+       return generic_file_mmap(file, vma);
+}
+
 /**
  * ecryptfs_open
  * @inode: inode speciying file to open
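Review bot: The guard `if (!lower_file->f_op->mmap)` in ecryptfs_mmap() inspects only the file one layer down, and the comment above it admits this stops being sufficient if FILESYSTEM_MAX_STACK_DEPTH grows past 2 or ecryptfs allows recursive mounting. Nothing in the new code enforces that assumption, so a later change to the stacking limit would silently bring back the emulated mmap this commit removes for CVE-2016-1583. Consider making the dependency fail at build time by adding `BUILD_BUG_ON(FILESYSTEM_MAX_STACK_DEPTH > 2);` as the first statement of the function, assuming the constant is visible in this file. The function also lacks the kernel-doc header that ecryptfs_open has just below; a short one naming `@file` and `@vma` and stating that it returns `-ENODEV` when the lower file has no mmap handler would record the contract.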
@@ -478,7 +491,7 @@ const struct file_operations ecryptfs_main_fops = {
 #ifdef CONFIG_COMPAT
        .compat_ioctl = ecryptfs_compat_ioctl,
 #endif
-       .mmap = generic_file_mmap,
+       .mmap = ecryptfs_mmap,
        .open = ecryptfs_open,
        .flush = ecryptfs_flush,
        .release = ecryptfs_release,