lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 13 May 2010 16:56:06 +1000
From:	Neil Brown <neilb@...e.de>
To:	"Aneesh Kumar K. V" <aneesh.kumar@...ux.vnet.ibm.com>
Cc:	hch@...radead.org, viro@...iv.linux.org.uk, adilger@....com,
	corbet@....net, serue@...ibm.com, linux-fsdevel@...r.kernel.org,
	sfrench@...ibm.com, philippe.deniel@....FR,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH -V7 5/9] vfs: Add freadlink syscall

On Thu, 13 May 2010 11:55:56 +0530
"Aneesh Kumar K. V" <aneesh.kumar@...ux.vnet.ibm.com> wrote:

> On Thu, 13 May 2010 11:43:51 +1000, Neil Brown <neilb@...e.de> wrote:
> > On Wed, 12 May 2010 21:20:40 +0530
> > "Aneesh Kumar K.V" <aneesh.kumar@...ux.vnet.ibm.com> wrote:
> > 
> > > This enables to use open-by-handle and then get the link target
> > > details of a symlink using the fd returned by handle
> > > 
> > 
> > 
> > I find it very frustrating that a new syscall seems to be needed here.
> > We have 'readlinkat', and it should be enough.
> > How:  the 'dfd' has to be a 'directory', and the path name as to be non-empty.
> > 
> > The following patch allows 'path' to be NULL and in that case 'dfd' to be a
> > non-directory.  This allows readlinkat and faccessat (and probably others)
> > to be used on an fd with not following path name.
> > 
> > What do people think of this alternative?
> > 
> 
> I will add this in the next iteration and drop the freadlink syscall.
> 

I wouldn't be quite that hasty.  It was only a proposal.  It might not be
appropriate to change all those syscalls..

An alternative that I don't think is a nice, but is a lot 'safer' is
to just change readlinkat to accept a NULL path:


Signed-off-by: NeilBrown <neilb@...e.de>
diff --git a/fs/stat.c b/fs/stat.c
index c4ecd52..85d0856 100644
--- a/fs/stat.c
+++ b/fs/stat.c
@@ -284,26 +284,40 @@ SYSCALL_DEFINE2(newfstat, unsigned int, fd, struct stat __user *, statbuf)
 SYSCALL_DEFINE4(readlinkat, int, dfd, const char __user *, pathname,
 		char __user *, buf, int, bufsiz)
 {
-	struct path path;
+	struct path path, *pp;
+	struct file *file = NULL;
 	int error;
 
 	if (bufsiz <= 0)
 		return -EINVAL;
 
-	error = user_path_at(dfd, pathname, 0, &path);
+	if (filename == NULL && dfd != AT_FDCWD) {
+		struct file *file = fget(dfd);
+
+		if (file)
+			pp = &file->f_path;
+		else
+			error = -EBADF;
+	} else {
+		error = user_path_at(dfd, pathname, 0, &path);
+		pp = &path;
+	}
 	if (!error) {
-		struct inode *inode = path.dentry->d_inode;
+		struct inode *inode = pp->dentry->d_inode;
 
 		error = -EINVAL;
 		if (inode->i_op->readlink) {
-			error = security_inode_readlink(path.dentry);
+			error = security_inode_readlink(pp->dentry);
 			if (!error) {
-				touch_atime(path.mnt, path.dentry);
-				error = inode->i_op->readlink(path.dentry,
+				touch_atime(pp->mnt, pp->dentry);
+				error = inode->i_op->readlink(pp->dentry,
 							      buf, bufsiz);
 			}
 		}
-		path_put(&path);
+		if (file)
+			fput(file);
+		else
+			path_put(&path);
 	}
 	return error;
 }
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ