lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 19 Feb 2020 13:56:57 +0100
From:   Christian Brauner <christian.brauner@...ntu.com>
To:     Christoph Hellwig <hch@...radead.org>
Cc:     Stéphane Graber <stgraber@...ntu.com>,
        "Eric W. Biederman" <ebiederm@...ssion.com>,
        Aleksa Sarai <cyphar@...har.com>, Jann Horn <jannh@...gle.com>,
        smbarber@...omium.org, Seth Forshee <seth.forshee@...onical.com>,
        Alexander Viro <viro@...iv.linux.org.uk>,
        Alexey Dobriyan <adobriyan@...il.com>,
        Serge Hallyn <serge@...lyn.com>,
        James Morris <jmorris@...ei.org>,
        Kees Cook <keescook@...omium.org>,
        Jonathan Corbet <corbet@....net>,
        Phil Estes <estesp@...il.com>, linux-kernel@...r.kernel.org,
        linux-fsdevel@...r.kernel.org,
        containers@...ts.linux-foundation.org,
        linux-security-module@...r.kernel.org, linux-api@...r.kernel.org
Subject: Re: [PATCH v3 15/25] posix_acl: handle fsid mappings

On Tue, Feb 18, 2020 at 02:26:31PM -0800, Christoph Hellwig wrote:
> On Tue, Feb 18, 2020 at 03:34:01PM +0100, Christian Brauner wrote:
> > diff --git a/fs/posix_acl.c b/fs/posix_acl.c
> > index 249672bf54fe..ed6112c9b804 100644
> > --- a/fs/posix_acl.c
> > +++ b/fs/posix_acl.c
> > @@ -22,6 +22,7 @@
> >  #include <linux/xattr.h>
> >  #include <linux/export.h>
> >  #include <linux/user_namespace.h>
> > +#include <linux/fsuidgid.h>
> >  
> >  static struct posix_acl **acl_by_type(struct inode *inode, int type)
> >  {
> > @@ -692,12 +693,12 @@ static void posix_acl_fix_xattr_userns(
> >  	for (end = entry + count; entry != end; entry++) {
> >  		switch(le16_to_cpu(entry->e_tag)) {
> >  		case ACL_USER:
> > -			uid = make_kuid(from, le32_to_cpu(entry->e_id));
> > -			entry->e_id = cpu_to_le32(from_kuid(to, uid));
> > +			uid = make_kfsuid(from, le32_to_cpu(entry->e_id));
> > +			entry->e_id = cpu_to_le32(from_kfsuid(to, uid));
> >  			break;
> >  		case ACL_GROUP:
> > -			gid = make_kgid(from, le32_to_cpu(entry->e_id));
> > -			entry->e_id = cpu_to_le32(from_kgid(to, gid));
> > +			gid = make_kfsgid(from, le32_to_cpu(entry->e_id));
> > +			entry->e_id = cpu_to_le32(from_kfsgid(to, gid));
> >  			break;
> 
> Before we touch this code any more it needs to move to the right place.
> Poking into ACLs from generic xattr code is a complete layering

git history shows that it was deliberately placed after the fs specific
xattr handlers have been called so individual filesystems don't need to
be aware of id mappings to make maintenance easier. Same goes for vfs
capabilities. Moving this down into individual filesystem seems like a
maintenance nightmare where now each individual filesystem will have to
remember to fixup their ids. For namespaced vfs caps which are handled
at the same level in setxattr() it will also mean breaking backwards
compatible translation from non-namespaced vfs caps aware userspace to
namespaced vfs-caps aware kernels.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ