lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 12 Oct 2018 15:25:42 +0100 From: Alan Jenkins <alan.christopher.jenkins@...il.com> To: David Howells <dhowells@...hat.com>, viro@...iv.linux.org.uk Cc: torvalds@...ux-foundation.org, linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH 03/33] teach move_mount(2) to work with OPEN_TREE_CLONE [ver #11] On 01/08/2018 16:24, David Howells wrote: > From: Al Viro<viro@...iv.linux.org.uk> > > Allow a detached tree created by open_tree(..., OPEN_TREE_CLONE) to be > attached by move_mount(2). > > If by the time of final fput() of OPEN_TREE_CLONE-opened file its tree is > not detached anymore, it won't be dissolved. move_mount(2) is adjusted > to handle detached source. > > That gives us equivalents of mount --bind and mount --rbind. > > Signed-off-by: Al Viro<viro@...iv.linux.org.uk> > Signed-off-by: David Howells<dhowells@...hat.com> > --- > > fs/namespace.c | 26 ++++++++++++++++++++------ > 1 file changed, 20 insertions(+), 6 deletions(-) > > diff --git a/fs/namespace.c b/fs/namespace.c > index e2934a4f342b..3981fd7b13f5 100644 > --- a/fs/namespace.c > +++ b/fs/namespace.c > @@ -2464,10 +2467,19 @@ static int do_move_mount(struct path *old_path, struct path *new_path) > p = real_mount(new_path->mnt); > > err = -EINVAL; > - if (!check_mnt(p) || !check_mnt(old)) > + /* The mountpoint must be in our namespace. */ > + if (!check_mnt(p)) > + goto out1; > + /* The thing moved should be either ours or completely unattached. */ > + if (old->mnt_ns && !check_mnt(old)) > goto out1; > > - if (!mnt_has_parent(old)) > + attached = mnt_has_parent(old); > + /* > + * We need to allow open_tree(OPEN_TREE_CLONE) followed by > + * move_mount(), but mustn't allow "/" to be moved. > + */ > + if (old->mnt_ns && !attached) > goto out1; Technically, I think the comment should say "mustn't allow rootfs to be moved". "rootfs", as in Documentation/filesystems/ramfs-rootfs-initramfs.txt. Moving "/" is allowed. # unshare -m # cd /mnt # mount -ttmpfs none / # mount --move --no-canonicalize /.. /mnt # (Or if you want to quibble about "/.." v.s. "/" - # unshare -m # cd /mnt # mount --rbind / / # chroot --skip-chdir /.. # mount --move --no-canonicalize / .
Powered by blists - more mailing lists