| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20161227112037.015dc5ac@gentp.lnet>
Date: Tue, 27 Dec 2016 11:20:37 +0100
From: Luis Ressel <aranea@...ah.de>
To: "Eric W. Biederman" <ebiederm@...ssion.com>,
Alexander Viro <viro@...iv.linux.org.uk>,
linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: mount_pseudo(), sget() and MS_KERNMOUNT
Hello,
With Linux 4.8, the sget() function in fs/super.c got a new permission
check: It now returns -EPERM if
(!(flags & MS_KERNMOUNT) && !ns_capable(user_ns, CAP_SYS_ADMIN)) .
I presume the first half is intented to detect in-kernel mounts? If so,
why doesn't mount_pseudo() (in fs/libfs.c) pass the MS_KERNMOUNT flag
to sget()?
This behaviour has caused a problem for me: During graphics driver
initalization, drm_fs_inode_new() (in drivers/gpu/drm/drm_drv.c) calls
simple_pin_fs(). The MS_KERNMOUNT flag is indeed passed down the
call chain from there, but it is lost when mount_pseudo() is called, as
that function doesn't take a 'flags' argument.
Hence, the first part of the above permission check fails. (The second
part also fails under some cicumstances due to a SELinux quirk, and
therefore the initalization of my graphics driver doesn't succeed.)
Regards,
Luis Ressel
(Apologies if I'm sending this inquiry to the wrong people. I don't
know much about the kernel development workflow, so I decided to send
it to whomever get_maintainer.pl spat out, plus the author of the
sget() change in 4.8.)
Powered by blists - more mailing lists