lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20150829104304.GA2841@posteo.de>
Date:	Sat, 29 Aug 2015 12:43:04 +0200
From:	Dongsu Park <dpark@...teo.net>
To:	Peter Hurley <peter@...leysoftware.com>
Cc:	Al Viro <viro@...iv.linux.org.uk>,
	Andrew Morton <akpm@...ux-foundation.org>,
	linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org,
	Josh Triplett <josh@...htriplett.org>,
	David Howells <dhowells@...hat.com>,
	Alban Crequy <alban@...ocode.com>,
	Alexey Dobriyan <adobriyan@...il.com>
Subject: Re: [PATCH v2] devpts: allow mounting with uid/gid of uint32_t

On 28.08.2015 15:33, Peter Hurley wrote:
> On 08/18/2015 11:18 AM, Dongsu Park wrote:
> > ---
> >  fs/devpts/inode.c | 20 ++++++++++++++++----
> >  1 file changed, 16 insertions(+), 4 deletions(-)
> > 
> > diff --git a/fs/devpts/inode.c b/fs/devpts/inode.c
> > index c35ffdc12bba..49272fae40a7 100644
> > --- a/fs/devpts/inode.c
> > +++ b/fs/devpts/inode.c
> > @@ -188,23 +188,35 @@ static int parse_mount_options(char *data, int op, struct pts_mount_opts *opts)
> >  		token = match_token(p, tokens, args);
> >  		switch (token) {
> >  		case Opt_uid:
> > -			if (match_int(&args[0], &option))
> 
> match_int() => make_kuid/kgid is a widespread pattern in filesystems
> for handling uid/gid mount parameters.
> 
> How about adding a for-purpose string-to-uid/gid function, rather than
> open-coding?

Yeah, that sounds like a good idea.
Do you mean probably something like this? (on top of -mm tree)

Thanks,
Dongsu

----

>From ccfa5db398ba5ac31c5e0128e88abca1f6d1e6f5 Mon Sep 17 00:00:00 2001
Message-Id: <ccfa5db398ba5ac31c5e0128e88abca1f6d1e6f5.1440844226.git.dpark@...teo.net>
From: Dongsu Park <dpark@...teo.net>
Date: Sat, 29 Aug 2015 12:35:01 +0200
Subject: [PATCH v3] devpts: allow mounting with uid/gid of uint32_t

To allow devpts to be mounted with options of uid/gid of uint32_t,
we need to make use of general parsing API instead of match_int().
So introduce kstrto{uid,gid}(), wrappers around kstrtouint() as well
as make_k{uid,gid}() calls. And then make devpts parse options only
using kstrto{uid,gid}(). Doing that, mounting devpts with uid or
gid > (2^31 - 1) will work as expected, e.g.:

 # mount -t devpts devpts /tmp/devptsdir -o \
   newinstance,ptmxmode=0666,mode=620,uid=3598450688,gid=3598450693

It was originally by reported on github issue tracker of systemd:
https://github.com/systemd/systemd/issues/956

====
from v2:
 * rebase on top of -mm tree
 * split common parts for parsing uid/gid into kstrto{uid,gid}()
 * fix minor format.
 * continue to use kstrtouint() suggested by Alexey Dobriyan.

from v1: fix patch format correctly

Cc: Alexey Dobriyan <adobriyan@...il.com>
Reported-by: Alban Crequy <alban@...ocode.com>
Suggested-by: Peter Hurley <peter@...leysoftware.com>
Signed-off-by: Dongsu Park <dpark@...teo.net>
---
 fs/devpts/inode.c             | 19 +++++++++----------
 include/linux/parse-integer.h |  4 ++++
 lib/kstrtox.c                 | 40 ++++++++++++++++++++++++++++++++++++++++
 3 files changed, 53 insertions(+), 10 deletions(-)

diff --git a/fs/devpts/inode.c b/fs/devpts/inode.c
index c35ffdc12bba..fbbd71005dcb 100644
--- a/fs/devpts/inode.c
+++ b/fs/devpts/inode.c
@@ -181,6 +181,7 @@ static int parse_mount_options(char *data, int op, struct pts_mount_opts *opts)
 		substring_t args[MAX_OPT_ARGS];
 		int token;
 		int option;
+		int rc;
 
 		if (!*p)
 			continue;
@@ -188,20 +189,18 @@ static int parse_mount_options(char *data, int op, struct pts_mount_opts *opts)
 		token = match_token(p, tokens, args);
 		switch (token) {
 		case Opt_uid:
-			if (match_int(&args[0], &option))
-				return -EINVAL;
-			uid = make_kuid(current_user_ns(), option);
-			if (!uid_valid(uid))
-				return -EINVAL;
+			rc = kstrtouid(args[0].from, &uid);
+			if (rc)
+				return rc;
+
 			opts->uid = uid;
 			opts->setuid = 1;
 			break;
 		case Opt_gid:
-			if (match_int(&args[0], &option))
-				return -EINVAL;
-			gid = make_kgid(current_user_ns(), option);
-			if (!gid_valid(gid))
-				return -EINVAL;
+			rc = kstrtogid(args[0].from, &gid);
+			if (rc)
+				return rc;
+
 			opts->gid = gid;
 			opts->setgid = 1;
 			break;
diff --git a/include/linux/parse-integer.h b/include/linux/parse-integer.h
index ba620cdf3df6..2cdc4f418e00 100644
--- a/include/linux/parse-integer.h
+++ b/include/linux/parse-integer.h
@@ -2,6 +2,7 @@
 #define _PARSE_INTEGER_H
 #include <linux/compiler.h>
 #include <linux/types.h>
+#include <linux/uidgid.h>
 
 /*
  * int parse_integer(const char *s, unsigned int base, T *val);
@@ -155,6 +156,9 @@ static inline int __must_check kstrtos8(const char *s, unsigned int base, s8 *re
 	return parse_integer(s, base | PARSE_INTEGER_NEWLINE, res);
 }
 
+int __must_check kstrtouid(const char *uidstr, kuid_t *kuid);
+int __must_check kstrtogid(const char *gidstr, kgid_t *kgid);
+
 int __must_check kstrtoull_from_user(const char __user *s, size_t count, unsigned int base, unsigned long long *res);
 int __must_check kstrtoll_from_user(const char __user *s, size_t count, unsigned int base, long long *res);
 int __must_check kstrtoul_from_user(const char __user *s, size_t count, unsigned int base, unsigned long *res);
diff --git a/lib/kstrtox.c b/lib/kstrtox.c
index 1698b286d954..4c376716a72e 100644
--- a/lib/kstrtox.c
+++ b/lib/kstrtox.c
@@ -17,6 +17,8 @@
 #include <linux/math64.h>
 #include <linux/export.h>
 #include <linux/types.h>
+#include <linux/sched.h>
+#include <linux/cred.h>
 #include <asm/uaccess.h>
 #include "kstrtox.h"
 
@@ -81,6 +83,44 @@ int f(const char __user *s, size_t count, unsigned int base, type *res)	\
 }									\
 EXPORT_SYMBOL(f)
 
+int kstrtouid(const char *uidstr, kuid_t *kuid)
+{
+	uid_t uidval;
+	kuid_t kuidtmp;
+
+	int rc = kstrtouint(uidstr, 0, &uidval);
+
+	if (rc)
+		return rc;
+
+	kuidtmp = make_kuid(current_user_ns(), uidval);
+	if (!uid_valid(kuidtmp))
+		return -EINVAL;
+
+	*kuid = kuidtmp;
+	return 0;
+}
+EXPORT_SYMBOL(kstrtouid);
+
+int kstrtogid(const char *gidstr, kgid_t *kgid)
+{
+	gid_t gidval;
+	kgid_t kgidtmp;
+
+	int rc = kstrtouint(gidstr, 0, &gidval);
+
+	if (rc)
+		return rc;
+
+	kgidtmp = make_kgid(current_user_ns(), gidval);
+	if (!gid_valid(kgidtmp))
+		return -EINVAL;
+
+	*kgid = kgidtmp;
+	return 0;
+}
+EXPORT_SYMBOL(kstrtogid);
+
 kstrto_from_user(kstrtoull_from_user,	kstrtoull,	unsigned long long);
 kstrto_from_user(kstrtoll_from_user,	kstrtoll,	long long);
 kstrto_from_user(kstrtoul_from_user,	kstrtoul,	unsigned long);
-- 
2.1.0

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ