| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <547BB929.3020805@nod.at> Date: Mon, 01 Dec 2014 01:41:13 +0100 From: Richard Weinberger <richard@....at> To: Dave Chinner <david@...morbit.com> CC: x86@...nel.org, tglx@...utronix.de, mingo@...hat.com, hpa@...or.com, gregkh@...uxfoundation.org, rafael.j.wysocki@...el.com, pebolle@...cali.nl, linux-kernel@...r.kernel.org, "systemd-devel@...ts.freedesktop.org" <systemd-devel@...ts.freedesktop.org>, Lennart Poettering <lennart@...ttering.net> Subject: Re: [PATCH] x86: defconfig: Enable CONFIG_FHANDLE Am 01.12.2014 um 01:18 schrieb Dave Chinner: > On Sun, Nov 30, 2014 at 10:08:01PM +0100, Richard Weinberger wrote: >> Am 30.11.2014 um 21:54 schrieb Dave Chinner: >>> On Wed, Nov 26, 2014 at 12:36:52AM +0100, Richard Weinberger wrote: >>>> systemd has a hard dependency on CONFIG_FHANDLE. >>>> If you run systemd with CONFIG_FHANDLE=n it will somehow >>>> boot but fail to spawn a getty or other basic services. >>>> As systemd is now used by most x86 distributions it >>>> makes sense to enabled this by default and save kernel >>>> hackers a lot of value debugging time. >>> >>> The bigger question to me is this: why does systemd need to >>> store/open by handle rather than just opening paths directly when >>> needed? This interface is intended for stable, pathless access to >>> inodes across unmount/mount contexts (e.g. userspace NFS servers, >>> filesystem backup programs, etc) so I'm curious as to the problem >>> systemd is solving using this interface. I just can't see the >>> problem being solved here, and why path based security checks on >>> every open() aren't necessary... >> >> Digging inter systemd source shows that they are using name_to_handle_at() >> to get the mount id of a given path. > > From the name_to_handle_at() man page: > > The mount_id argument returns an identifier for the filesystem > mount that corresponds to pathname. This corresponds to the > first field in one of the records in /proc/self/mountinfo. > Opening the pathname in the fifth field of that record yields a > file descriptor for the mount point; that file descriptor can be > used in a subsequent call to open_by_handle_at(). > > So why do they need CONFIG_FHANDLE to get the mount id in userspace? > Indeed, what do they even need the mount id for? > >> The actual struct file_handle result is always ignored. > > That sounds like a classic case of interface abuse. i.e. using an > interface for something it was not designed or intended for.... CC'ing systemd folks. Lennart, can you please explain why you need CONFIG_FHANDLE for systemd? Maybe I'm reading the source horrible wrong. Thanks, //richard -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists