autofs-5.1.7 - dont use AUTOFS_DEV_IOCTL_CLOSEMOUNT
From: Ian Kent <raven@themaw.net>
Using an ioctl (AUTOFS_DEV_IOCTL_CLOSEMOUNT) to close an autofs mount
file handle can race with copy_to_user() so the file handle needs to
be closed using close(2) instead.
Signed-off-by: Ian Kent <raven@themaw.net>
---
CHANGELOG | 1 +
lib/dev-ioctl-lib.c | 10 +---------
2 files changed, 2 insertions(+), 9 deletions(-)
diff --git a/CHANGELOG b/CHANGELOG
index 06bf24b8..51e7767e 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -68,6 +68,7 @@
- add ext_mount_hash_mutex lock helpers.
- fix amd section mounts map reload.
- fix dandling symlink creation if nis support is not available.
+- dont use AUTOFS_DEV_IOCTL_CLOSEMOUNT.
25/01/2021 autofs-5.1.7
- make bind mounts propagation slave by default.
diff --git a/lib/dev-ioctl-lib.c b/lib/dev-ioctl-lib.c
index e7a1b42a..6b549d73 100644
--- a/lib/dev-ioctl-lib.c
+++ b/lib/dev-ioctl-lib.c
@@ -404,15 +404,7 @@ err:
/* Close */
static int dev_ioctl_close(unsigned int logopt, int ioctlfd)
{
- struct autofs_dev_ioctl param;
-
- init_autofs_dev_ioctl(¶m);
- param.ioctlfd = ioctlfd;
-
- if (ioctl(ctl.devfd, AUTOFS_DEV_IOCTL_CLOSEMOUNT, ¶m) == -1)
- return -1;
-
- return 0;
+ return close(ioctlfd);
}
static int ioctl_close(unsigned int logopt, int ioctlfd)