acct: block access to kernel internal filesystems

commit 890ed45bde808c422c3c27d3285fc45affa0f930 upstream.

There's no point in allowing anything kernel internal nor procfs or
sysfs.

Link: https://lore.kernel.org/r/20250127091811.3183623-1-quzicheng@huawei.com
Link: https://lore.kernel.org/r/20250211-work-acct-v1-2-1c16aecab8b3@kernel.org
Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
Reviewed-by: Amir Goldstein <amir73il@gmail.com>
Reported-by: Zicheng Qu <quzicheng@huawei.com>
Cc: stable@vger.kernel.org
Signed-off-by: Christian Brauner <brauner@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

diff --git a/kernel/acct.c b/kernel/acct.c
index e6c2535f6aa0d605a9a59bfd3c9d24d503d0dcf5..c0c79bdb921959d2d8b50937d2d2bbf721ecfd94 100644 (file)
--- a/kernel/acct.c
+++ b/kernel/acct.c
@@ -225,6 +225,20 @@ static int acct_on(struct filename *pathname)
                return -EACCES;
        }
 
+       /* Exclude kernel kernel internal filesystems. */
+       if (file_inode(file)->i_sb->s_flags & (SB_NOUSER | SB_KERNMOUNT)) {
+               kfree(acct);
+               filp_close(file, NULL);
+               return -EINVAL;
+       }
+
+       /* Exclude procfs and sysfs. */
+       if (file_inode(file)->i_sb->s_iflags & SB_I_USERNS_VISIBLE) {
+               kfree(acct);
+               filp_close(file, NULL);
+               return -EINVAL;
+       }
+
        if (!(file->f_mode & FMODE_CAN_WRITE)) {
                kfree(acct);
                filp_close(file, NULL);