lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 17 Feb 2017 09:24:40 -0800 From: James Bottomley <James.Bottomley@...senPartnership.com> To: Al Viro <viro@...IV.linux.org.uk> Cc: Djalal Harouni <tixxdz@...il.com>, Chris Mason <clm@...com>, Theodore Tso <tytso@....edu>, Josh Triplett <josh@...htriplett.org>, "Eric W. Biederman" <ebiederm@...ssion.com>, Andy Lutomirski <luto@...nel.org>, Seth Forshee <seth.forshee@...onical.com>, linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org, linux-security-module@...r.kernel.org, Dongsu Park <dongsu@...ocode.com>, David Herrmann <dh.herrmann@...glemail.com>, Miklos Szeredi <mszeredi@...hat.com>, Alban Crequy <alban.crequy@...il.com>, "Serge E. Hallyn" <serge@...lyn.com>, Phil Estes <estesp@...il.com> Subject: Re: [RFC 1/1] shiftfs: uid/gid shifting bind mount On Fri, 2017-02-17 at 02:29 +0000, Al Viro wrote: > On Sat, Feb 04, 2017 at 11:19:32AM -0800, James Bottomley wrote: > > > +static const struct dentry_operations shiftfs_dentry_ops = { > > + .d_release = shiftfs_d_release, > > + .d_real = shiftfs_d_real, > > +}; > > In other words, those dentries are *never* revalidated. Nevermind > that underlying fs might be mounted elsewhere and be actively > modified under you. > > > +static struct dentry *shiftfs_lookup(struct inode *dir, struct > > dentry *dentry, > > + unsigned int flags) > > +{ > > + struct dentry *real = dir->i_private, *new; > > + struct inode *reali = real->d_inode, *newi; > > + const struct cred *oldcred, *newcred; > > + > > + inode_lock(reali); > > + oldcred = shiftfs_new_creds(&newcred, dentry->d_sb); > > + new = lookup_one_len(dentry->d_name.name, real, dentry > > ->d_name.len); > > + shiftfs_old_creds(oldcred, &newcred); > > + inode_unlock(reali); > > + > > + if (IS_ERR(new)) > > + return new; > > + > > + dentry->d_fsdata = new; > > + > > + if (!new->d_inode) > > + return NULL; > > What happens when somebody comes along and creates the damn thing on > the underlying fs? _Not_ via your code, that is - using the > underlying fs mounted elsewhere. Point taken. This, I think fixes the dcache revalidation issue. James --- diff --git a/fs/shiftfs.c b/fs/shiftfs.c index a4a1f98..1e71efe 100644 --- a/fs/shiftfs.c +++ b/fs/shiftfs.c @@ -118,9 +118,43 @@ static struct dentry *shiftfs_d_real(struct dentry *dentry, return real; } +static int shiftfs_d_weak_revalidate(struct dentry *dentry, unsigned int flags) +{ + struct dentry *real = dentry->d_fsdata; + + if (d_unhashed(real)) + return 0; + + if (!(real->d_flags & DCACHE_OP_WEAK_REVALIDATE)) + return 1; + + return real->d_op->d_weak_revalidate(real, flags); +} + +static int shiftfs_d_revalidate(struct dentry *dentry, unsigned int flags) +{ + struct dentry *real = dentry->d_fsdata; + int ret; + + if (d_unhashed(real)) + return 0; + + if (!(real->d_flags & DCACHE_OP_REVALIDATE)) + return 1; + + ret = real->d_op->d_revalidate(real, flags); + + if (ret == 0 && !(flags & LOOKUP_RCU)) + d_invalidate(real); + + return ret; +} + static const struct dentry_operations shiftfs_dentry_ops = { .d_release = shiftfs_d_release, .d_real = shiftfs_d_real, + .d_revalidate = shiftfs_d_revalidate, + .d_weak_revalidate = shiftfs_d_weak_revalidate, }; static int shiftfs_readlink(struct dentry *dentry, char __user *data, @@ -431,9 +465,7 @@ static struct dentry *shiftfs_lookup(struct inode *dir, struct dentry *dentry, return ERR_PTR(-ENOMEM); } - d_splice_alias(newi, dentry); - - return NULL; + return d_splice_alias(newi, dentry); } static int shiftfs_permission(struct inode *inode, int mask)
Powered by blists - more mailing lists