| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 17 Oct 2018 18:41:24 +0100
From: Alan Jenkins <alan.christopher.jenkins@...il.com>
To: David Howells <dhowells@...hat.com>
Cc: Al Viro <viro@...IV.linux.org.uk>, linux-api@...r.kernel.org,
torvalds@...ux-foundation.org, ebiederm@...ssion.com,
linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
mszeredi@...hat.com
Subject: Re: [PATCH 31/34] vfs: syscall: Add fspick() to select a superblock
for reconfiguration [ver #12]
On 17/10/2018 16:45, David Howells wrote:
> Alan Jenkins <alan.christopher.jenkins@...il.com> wrote:
>
>> I agree. I'm happy to see this is using the same check as do_remount().
>>
>>
>> * change filesystem flags. dir should be a physical root of filesystem.
>> * If you've mounted a non-root directory somewhere and want to do remount
>> * on it - tough luck.
>> */
> Are you suggesting that it should only work at the ultimate root of a
> superblock and not a bind mount somewhere within?
>
> That's tricky to make work for NFS because s_root is a dummy dentry.
>
> David
Retro-actively: I do not suggest that.
I tried to answer this question in my reply to Eric correcting me. Eric
was right to correct me. I now understand the comment above
do_remount() is incorrect. I re-reviewed your diff in light of that. I
re-endorse your diff as a way to solve the problem I raised.
(I think it would be useful to remove the misleading comment above
do_remount(), to avoid future confusion.)
> @@ -186,6 +186,10 @@ SYSCALL_DEFINE3(fspick, int, dfd, const char
__user *, path, unsigned int, flags
> if (ret < 0)
> goto err;
>
> + ret = -EINVAL;
> + if (target.mnt->mnt_root != target.dentry)
> + goto err_path;
> +
( the "if" statement it adds to fspick() is equivalent to the second
"if" statement in do_remount(): )
static int do_remount <https://elixir.bootlin.com/linux/v4.18/ident/do_remount>(struct path <https://elixir.bootlin.com/linux/v4.18/ident/path> *path <https://elixir.bootlin.com/linux/v4.18/ident/path>, int ms_flags, int sb_flags,
int mnt_flags, void *data)
{
int err;
struct super_block <https://elixir.bootlin.com/linux/v4.18/ident/super_block> *sb = path <https://elixir.bootlin.com/linux/v4.18/ident/path>->mnt
<https://elixir.bootlin.com/linux/v4.18/ident/mnt>->mnt_sb;
struct mount <https://elixir.bootlin.com/linux/v4.18/ident/mount> *mnt <https://elixir.bootlin.com/linux/v4.18/ident/mnt> = real_mount
<https://elixir.bootlin.com/linux/v4.18/ident/real_mount>(path
<https://elixir.bootlin.com/linux/v4.18/ident/path>->mnt
<https://elixir.bootlin.com/linux/v4.18/ident/mnt>);
if (!check_mnt <https://elixir.bootlin.com/linux/v4.18/ident/check_mnt>(mnt
<https://elixir.bootlin.com/linux/v4.18/ident/mnt>))
return -EINVAL <https://elixir.bootlin.com/linux/v4.18/ident/EINVAL>;
if (path <https://elixir.bootlin.com/linux/v4.18/ident/path>->dentry != path <https://elixir.bootlin.com/linux/v4.18/ident/path>->mnt
<https://elixir.bootlin.com/linux/v4.18/ident/mnt>->mnt_root)
return -EINVAL <https://elixir.bootlin.com/linux/v4.18/ident/EINVAL>;
Thanks
Alan
Powered by blists - more mailing lists