lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sat, 31 Mar 2012 09:53:05 +0300 From: Alexey Dobriyan <adobriyan@...il.com> To: David Madore <david+ml@...ore.org> Cc: linux-kernel@...r.kernel.org, aneesh.kumar@...ux.vnet.ibm.com, viro@...iv.linux.org.uk Subject: Re: since when does linkat() on deleted /proc/$PID/fd/$num return ENOENT ? On Fri, Mar 30, 2012 at 12:21:21PM +0200, David Madore wrote: > It used to be the case (last time I checked was around late 2008 or > early 2009) that deleted entries from /proc/$PID/fd/ could be linked > back to the filesystem by using linkat(,,,,AT_SYMLINK_FOLLOW). > > Now this just returns ENOENT. > > I'd like to understand when, how and why this change took place. What > commit introduced it and was it a deliberate move (e.g., because the > feature was a security issue of itself, or came into conflict with > something else) or was it accidental? It was explicitly prohibited since 2.6.39: commit aae8a97d3ec30788790d1720b71d76fd8eb44b73 Author: Aneesh Kumar K.V <aneesh.kumar@...ux.vnet.ibm.com> Date: Sat Jan 29 18:43:27 2011 +0530 fs: Don't allow to create hardlink for deleted file Add inode->i_nlink == 0 check in VFS. Some of the file systems do this internally. A followup patch will remove those instance. This is needed to ensure that with link by handle we don't allow to create hardlink of an unlinked file. The check also prevent a race between unlink and link Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@...ux.vnet.ibm.com> Signed-off-by: Al Viro <viro@...iv.linux.org.uk> diff --git a/fs/namei.c b/fs/namei.c index 83e92ba..33be51a 100644 --- a/fs/namei.c +++ b/fs/namei.c @@ -2906,7 +2906,11 @@ int vfs_link(struct dentry *old_dentry, struct inode *dir, struct dentry *new_de return error; mutex_lock(&inode->i_mutex); - error = dir->i_op->link(old_dentry, dir, new_dentry); + /* Make sure we don't allow creating hardlink to an unlinked file */ + if (inode->i_nlink == 0) + error = -ENOENT; + else + error = dir->i_op->link(old_dentry, dir, new_dentry); mutex_unlock(&inode->i_mutex); if (!error) fsnotify_link(dir, inode, new_dentry); -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists