lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 9 Mar 2015 14:00:09 +0000 From: David Drysdale <drysdale@...gle.com> To: linux-kernel@...r.kernel.org, Alexander Viro <viro@...iv.linux.org.uk>, Kees Cook <keescook@...omium.org>, "Eric W. Biederman" <ebiederm@...ssion.com> Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>, Meredydd Luff <meredydd@...atehouse.org>, Will Drewry <wad@...omium.org>, Jorge Lucangeli Obes <jorgelo@...gle.com>, Ricky Zhou <rickyz@...gle.com>, Lee Campbell <leecam@...gle.com>, Julien Tinnes <jln@...gle.com>, Mike Depinet <mdepinet@...gle.com>, James Morris <james.l.morris@...cle.com>, Andy Lutomirski <luto@...capital.net>, Paolo Bonzini <pbonzini@...hat.com>, Paul Moore <paul@...l-moore.com>, Christoph Hellwig <hch@...radead.org>, Michael Kerrisk <mtk.manpages@...il.com>, linux-api@...r.kernel.org, linux-security-module@...r.kernel.org, fstests@...r.kernel.org, David Drysdale <drysdale@...gle.com> Subject: [PATCHv3 0/3] fs: add O_BENEATH flag to openat(2) This change adds a new O_BENEATH flag for openat(2) which restricts the provided path, rejecting (with -EPERM) paths that are not beneath the provided dfd. This change was originally included as part of a larger patchset (https://lkml.org/lkml/2014/7/25/426) for Capsicum support; however, it is potentially useful as an independent change so I've pulled it out separately here. In particular, various folks from Chrome[OS] have indicated an interest in having this functionality -- when combined with a seccomp filter it allows a directory to be accessed by a sandboxed process. Changes since v2: - Move tests into xfstests [Dave Chinner, with thanks for feedback on initial version] - Merge up to v4.0-rc3 & latest man-pages Changes since v1: - Don't needlessly duplicate flags [Al Viro] - Use EPERM rather than EACCES as error code [Paolo Bonzini] - Disallow nd_jump_link for O_BENEATH [Al Viro/Andy Lutomirski] - Add test of a jumped symlink (/proc/self/root) Changes since the version included in the Capsicum v2 patchset: - Add tests of normal symlinks - Fix man-page typo - Update patch to 3.17 Changes from v1 to v2 of Capsicum patchset: - renamed O_BENEATH_ONLY to O_BENEATH [Christoph Hellwig] David Drysdale (1): fs: add O_BENEATH flag to openat(2) arch/alpha/include/uapi/asm/fcntl.h | 1 + arch/parisc/include/uapi/asm/fcntl.h | 1 + arch/sparc/include/uapi/asm/fcntl.h | 1 + fs/fcntl.c | 4 ++-- fs/namei.c | 21 ++++++++++++++++++--- fs/open.c | 4 +++- fs/proc/base.c | 4 +++- fs/proc/namespaces.c | 8 ++++++-- include/linux/namei.h | 3 ++- include/uapi/asm-generic/fcntl.h | 4 ++++ 10 files changed, 41 insertions(+), 10 deletions(-) -- 2.2.0.rc0.207.ga3a616c -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists