lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Fri, 20 Nov 2015 16:08:42 +0000
From:	Al Viro <viro@...IV.linux.org.uk>
To:	David Howells <dhowells@...hat.com>
Cc:	linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	linux-security-module@...r.kernel.org, miklos@...redi.hu
Subject: Re: [RFC] readlink()-related oddities

On Fri, Nov 20, 2015 at 09:59:05AM +0000, David Howells wrote:
> Al Viro <viro@...IV.linux.org.uk> wrote:
> 
> > 3) normally, readlink(2) fails for non-symlinks.  Moreover, according to
> > POSIX it should do so (with -EINVAL).  There is a pathological case when
> > it succeeds for a directory, though.  Namely, one of the kinds of AFS
> > "mountpoints".
> 
> All AFS mountpoints are magic symlinks that are specially interpreted by the
> client as far as I'm aware.  I'm not sure why the designers didn't just select
> a different file type for them, but they didn't.

All of them?  I see two kinds there - one is magical symlink (recognized
by contents in afs_iget()), another is this autocell thing, the latter
having no ->readlink().  Both serve as automount points, don't they?

> > stat(2) reports those as directories, stepping into them leads to
> > automounting a directory there (why do we have ->open() for them, BTW?).
> 
> I think I put that in to make sure the open() syscall returned EREMOTE rather
> than another error if you tried to open it.  It can probably be removed
> because with the d_automount code you can't ever get there I think - unless
> you can pass AT_NO_AUTOMOUNT to openat().

Just how would openat() get the AT_... flags?  Only statat(2) accepts
AT_NO_AUTOMOUNT, sorry.
 
> > How the hell is userland supposed to guess to call readlink(2) on those
> > suckers to get the information of what'll get automounted there if we step
> > upon them?
> 
> There's an AFS userspace command that could be used to query a mountpoint that
> was going to use it.  However, I suspect readlink() will now always trigger
> the automount.  This is one of the things OpenAFS uses pioctl() for - but
> since I'm not allowed to add that to the kernel, I have to find some other way
> of doing it.

Well, pioctl() is a piec^H^Hle of shit interface; let's figure out what we'd
actually want to implement and do that.

One obvious thing is "here's a pathname, tell me what gets automounted here"
(with interesting question of what to do if the automount is being triggered
right now).  Another thing is locating those guys; if we had a separate file
type for them (i.e. could recognize them by st_mode _and_ d_type), we would
be fine (the usual tree-walkers would be able to spot such places and query
them for prospective automount targets), but without that... a syscall for
everything in a tree just to list those suckers?
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists