Re: [PATCH 2/2] acct: block access to kernel internal filesystems

From: Al Viro
Date: Tue Feb 11 2025 - 15:54:40 EST


On Tue, Feb 11, 2025 at 06:16:00PM +0100, Christian Brauner wrote:
> There's no point in allowing anything kernel internal nor procfs or
> sysfs.

> + /* Exclude kernel kernel internal filesystems. */
> + if (file_inode(file)->i_sb->s_flags & (SB_NOUSER | SB_KERNMOUNT)) {
> + kfree(acct);
> + filp_close(file, NULL);
> + return -EINVAL;
> + }
> +
> + /* Exclude procfs and sysfs. */
> + if (file_inode(file)->i_sb->s_iflags & SB_I_USERNS_VISIBLE) {
> + kfree(acct);
> + filp_close(file, NULL);
> + return -EINVAL;
> + }

That looks like a really weird way to test it, especially the second
part...