diff options
| author | Lennart Poettering <lennart@poettering.net> | 2022-04-11 22:04:06 +0200 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2022-04-13 14:40:13 +0200 |
| commit | a7910612a5be324d8b6994a2f7e1a2edb63ad03c (patch) | |
| tree | 609eac309c1718dbd43e894a2d9a7564a53ac9ff /src/libsystemd/sd-device | |
| parent | 1793bb611249b9525f6ed17964347d377d97e494 (diff) | |
| download | systemd-a7910612a5be324d8b6994a2f7e1a2edb63ad03c.tar.gz | |
sd-device: don't accept non-sysfs paths
There are some file systems mounted below /sys/ that are not actually
sysfs, i.e. are not arranged in a sysfs/kobject style. Let's refuse
those early. (Example, /sys/fs/cgroup/ and similar.)
(Also, let's add an env var for this, so that it can be turned off for
test cases.)
Diffstat (limited to 'src/libsystemd/sd-device')
| -rw-r--r-- | src/libsystemd/sd-device/sd-device.c | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/src/libsystemd/sd-device/sd-device.c b/src/libsystemd/sd-device/sd-device.c index eb50f592b7..0435beca16 100644 --- a/src/libsystemd/sd-device/sd-device.c +++ b/src/libsystemd/sd-device/sd-device.c @@ -13,6 +13,7 @@ #include "device-private.h" #include "device-util.h" #include "dirent-util.h" +#include "env-util.h" #include "fd-util.h" #include "fileio.h" #include "format-util.h" @@ -20,6 +21,7 @@ #include "hashmap.h" #include "id128-util.h" #include "macro.h" +#include "missing_magic.h" #include "netlink-util.h" #include "parse-util.h" #include "path-util.h" @@ -208,6 +210,21 @@ int device_set_syspath(sd_device *device, const char *_syspath, bool verify) { return log_debug_errno(SYNTHETIC_ERRNO(ENODEV), "sd-device: the syspath \"%s\" is not a directory.", syspath); } + + /* Only operate on sysfs, i.e. refuse going down into /sys/fs/cgroup/ or similar places where + * things are not arranged as kobjects in kernel, and hence don't necessarily have + * kobject/attribute structure. */ + r = getenv_bool_secure("SYSTEMD_DEVICE_VERIFY_SYSFS"); + if (r < 0 && r != -ENXIO) + log_debug_errno(r, "Failed to parse $SYSTEMD_DEVICE_VERIFY_SYSFS value: %m"); + if (r != 0) { + r = fd_is_fs_type(fd, SYSFS_MAGIC); + if (r < 0) + return log_debug_errno(r, "sd-device: failed to check if syspath \"%s\" is backed by sysfs.", syspath); + if (r == 0) + return log_debug_errno(SYNTHETIC_ERRNO(ENODEV), + "sd-device: the syspath \"%s\" is outside of sysfs, refusing.", syspath); + } } else { syspath = strdup(_syspath); if (!syspath) |