lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 13 Jul 2009 15:27:44 -0400
From:	Valerie Aurora <vaurora@...hat.com>
To:	Alexander Viro <viro@...iv.linux.org.uk>,
	Jan Blunck <jblunck@...e.de>, linux-fsdevel@...r.kernel.org
Cc:	linux-kernel@...r.kernel.org
Subject: [PATCH] VFS: Add read-only users count to superblock

During the last FS summit, Al Viro suggested creating a superblock
level read-only marker so that union mounts could guarantee that the
underlying fs would not become writable.  This patch implements the
VFS support, but doesn't add any users.  The patch making union mounts
use the support is in our union mounts tree.  I think we also need
some way to pass this through NFS mounts, since a read-only NFS mount
for the bottom layer of a union mount is a common use case.

-VAL

commit b0bfe1b9023467184e138c8520a084ca1e7bf8ab
Author: Valerie Aurora (Henson) <vaurora@...hat.com>
Date:   Mon Jul 13 09:30:49 2009 -0700

    VFS: Add read-only users count to superblock
    
    While we can check if a file system is currently read-only, we can't
    guarantee that it will stay read-only.  The file system can be
    remounted read-write at any time; it's also concievable that a file
    system can be mounted a second time and converted to read-write if the
    underlying fs allows it.  This is a problem for union mounts, which
    require the underlying file system be read-only.  Add a read-only
    users count and don't allow remounts to change the file system to
    read-write or read-write mounts if there are any read-only users.
    
    Signed-off-by: Valerie Aurora (Henson) <vaurora@...hat.com>

diff --git a/fs/super.c b/fs/super.c
index 2761d3e..65972df 100644
--- a/fs/super.c
+++ b/fs/super.c
@@ -553,6 +553,15 @@ int do_remount_sb(struct super_block *sb, int flags, void *data, int force)
 	}
 	remount_rw = !(flags & MS_RDONLY) && (sb->s_flags & MS_RDONLY);
 
+	/* If we are remounting read/write, make sure that none of the
+	   users require read-only for correct operation (such as
+	   union mounts). */
+	if (remount_rw && sb->s_readonly_users) {
+		printk(KERN_INFO "%s: In use by %d read-only user(s)\n",
+		       sb->s_id, sb->s_readonly_users);
+		return -EROFS;
+	}
+
 	if (sb->s_op->remount_fs) {
 		retval = sb->s_op->remount_fs(sb, &flags, data);
 		if (retval)
@@ -889,6 +898,10 @@ vfs_kern_mount(struct file_system_type *type, int flags, const char *name, void
  	if (error)
  		goto out_sb;
 
+	error = -EROFS;
+	if (mnt->mnt_sb->s_readonly_users)
+		goto out_sb;
+
 	mnt->mnt_mountpoint = mnt->mnt_root;
 	mnt->mnt_parent = mnt;
 	up_write(&mnt->mnt_sb->s_umount);
diff --git a/include/linux/fs.h b/include/linux/fs.h
index 0872372..aff3dca 100644
--- a/include/linux/fs.h
+++ b/include/linux/fs.h
@@ -1379,6 +1379,10 @@ struct super_block {
 	 * generic_show_options()
 	 */
 	char *s_options;
+	/*
+	 * Users who require read-only access - e.g., union mounts
+	 */
+	int s_readonly_users;
 };
 
 extern struct timespec current_fs_time(struct super_block *sb);
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ