lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 14 Feb 2008 18:31:37 +0100
From:	Miklos Szeredi <miklos@...redi.hu>
To:	menage@...gle.com
CC:	miklos@...redi.hu, viro@...iv.linux.org.uk,
	akpm@...ux-foundation.org, linux-kernel@...r.kernel.org,
	linux-fsdevel@...r.kernel.org
Subject: Re: [PATCH] Add MS_BIND_FLAGS mount flag

> >  Maybe instead of messing with masks, it's better to introduce a
> >  get_flags() or a more general mount_stat() operation, and let
> >  userspace deal with setting and clearing flags, just as we do for
> >  stat/chmod?
> >
> >  So we'd have
> >
> >   mount_stat(path, stat);
> >   mount_bind(from, to, flags);
> >   mount_set_flags(path, flags);
> >   mount_move(from, to);
> >
> >  and perhaps
> >
> >   mount_remount(path, opt_string, flags);
> 
> Sounds reasonable to me. But it wouldn't directly solve the "do a
> recursive bind mount setting the MS_READONLY flag on all children"
> problem, so we'd need some of the earlier suggestions too.

Doh, you're right.

Let's try the original idea, but a bit cleaner:

/* flags: */
#define MNT_CTRL_RECURSE (1 << 0)

/* mnt_flags: */
#define MNT_NOSUID	0x01
#define MNT_NODEV	0x02
#define MNT_NOEXEC	0x04
#define MNT_NOATIME	0x08
#define MNT_NODIRATIME	0x10
#define MNT_RELATIME	0x20

#define MNT_SHARED	0x1000
#define MNT_UNBINDABLE	0x2000
#define MNT_PNODE_MASK	0x3000

struct mount_param {
	u64 flags;		/* control flags */
	u64 mnt_flags;		/* new mount flags */
	u64 mnt_flags_mask;	/* mask for new mount flags */
};

int mount_bindat(int fromfd, const char *frompath,
		int tofd, const char *topath,
		struct mount_param *param);

int mount_setflagsat(int fd, const char *path,
		struct mount_param *param);

int mount_moveat(int fromfd, const char *frompath,
		 int tofd, const char *topath);

...

I deliberately not used the MS_* flags, which is currently a messy mix
of things with totally different meanings.

Does this solve all the issues?

Miklos
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ