lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20100210102422.GM30031@ZenIV.linux.org.uk>
Date:	Wed, 10 Feb 2010 10:24:22 +0000
From:	Al Viro <viro@...IV.linux.org.uk>
To:	Evgeniy Polyakov <zbr@...emap.net>
Cc:	linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [WTF] ... is going on with current->fs->{root,mnt} accesses in
 pohmelfs

On Wed, Feb 10, 2010 at 01:12:46PM +0300, Evgeniy Polyakov wrote:
> On Wed, Feb 10, 2010 at 10:04:28AM +0000, Al Viro (viro@...IV.linux.org.uk) wrote:
> > a) pohmelfs_construct_path_string() will do interesting things if you
> > call it while chrooted into jail and pohmelfs mounted deeper in that
> > jail.  Try it.
> 
> Should it walk upto mountpoint?

It will happily give you path from absolute root to root of chroot jail +
path from fs root to your dentry.  Which is probably not what you want.
 
> > b) just why do we care about root of chroot jail in pohmelfs_path_length()?
> > Not to mention anything else, current->fs->root/mnt may be changed under
> > you if you share current->fs with another thread, but even aside of that,
> > why does filesystem care about chroot of caller at all?
> > 
> > What's going on there?
> 
> It tries to construct a full path upto mountpoint. Effectively it should
> do similar to non-exported dentry_path() things. There is a race between
> getting buffer size and filling with the actual path, but we take care
> about that by restarting if needed.

To mountpoint or to fs root?  And what's going on with d_find_alias()?
AFAICS, you are doing that for regular files as well as directories,
and you do support link(2) in there, so dentry (and path) obtained from
that will be random.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ