lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <4e915f46-093b-c566-1746-938dbd6dcf62@samba.org>
Date:   Thu, 5 Mar 2020 21:11:25 +0100
From:   Stefan Metzmacher <metze@...ba.org>
To:     David Howells <dhowells@...hat.com>, linux-api@...r.kernel.org
Cc:     viro@...iv.linux.org.uk, torvalds@...ux-foundation.org,
        cyphar@...har.com, christian.brauner@...ntu.com,
        linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [RFC][PATCH] Mark AT_* path flags as deprecated and add missing
 RESOLVE_ flags

Hi David,

> Do we want to do this?  Or should we duplicate the RESOLVE_* flags to AT_*
> flags so that existing *at() syscalls can make use of them?
>
> David
> ---
> commit 448731bf3b29f2b1f7c969d7efe1f0673ae13b5e
> Author: David Howells <dhowells@...hat.com>
> Date:   Thu Mar 5 17:40:02 2020 +0000
> 
>     Mark AT_* flags as deprecated and add missing RESOLVE_ flags
>     
>     It has been suggested that new path-using system calls should use RESOLVE_*
>     flags instead of AT_* flags, but the RESOLVE_* flag functions are not a
>     superset of the AT_* flag functions.  So formalise this by:
>     
>      (1) In linux/fcntl.h, add a comment noting that the AT_* flags are
>          deprecated for new system calls and that RESOLVE_* flags should be
>          used instead.
>     
>      (2) Add some missing flags:
>     
>             RESOLVE_NO_TERMINAL_SYMLINKS    for AT_SYMLINK_NOFOLLOW
>             RESOLVE_NO_TERMINAL_AUTOMOUNTS  for AT_NO_AUTOMOUNT
>             RESOLVE_EMPTY_PATH              for AT_EMPTY_PATH

For me "TERMINAL" sounds strange here (I'm not a native speaker, so feel
free to ignore me...). I'd use "BASENAME" instead.

>      (3) Make openat2() support RESOLVE_NO_TERMINAL_SYMLINKS.  LOOKUP_OPEN
>          internally implies LOOKUP_AUTOMOUNT, and AT_EMPTY_PATH is probably not
>          worth supporting (maybe use dup2() instead?).
>     
>     Reported-by: Stefan Metzmacher <metze@...ba.org>
>     Signed-off-by: David Howells <dhowells@...hat.com>
>     cc: Aleksa Sarai <cyphar@...har.com>
> 
> diff --git a/fs/open.c b/fs/open.c
> index 0788b3715731..6946ad09b42b 100644
> --- a/fs/open.c
> +++ b/fs/open.c
> @@ -977,7 +977,7 @@ inline struct open_how build_open_how(int flags, umode_t mode)
>  inline int build_open_flags(const struct open_how *how, struct open_flags *op)
>  {
>  	int flags = how->flags;
> -	int lookup_flags = 0;
> +	int lookup_flags = LOOKUP_FOLLOW | LOOKUP_AUTOMOUNT;
>  	int acc_mode = ACC_MODE(flags);
>  
>  	/* Must never be set by userspace */
> @@ -1055,8 +1055,8 @@ inline int build_open_flags(const struct open_how *how, struct open_flags *op)
>  
>  	if (flags & O_DIRECTORY)
>  		lookup_flags |= LOOKUP_DIRECTORY;
> -	if (!(flags & O_NOFOLLOW))
> -		lookup_flags |= LOOKUP_FOLLOW;
> +	if (flags & O_NOFOLLOW)
> +		lookup_flags &= ~LOOKUP_FOLLOW;
>  
>  	if (how->resolve & RESOLVE_NO_XDEV)
>  		lookup_flags |= LOOKUP_NO_XDEV;
> @@ -1068,6 +1068,8 @@ inline int build_open_flags(const struct open_how *how, struct open_flags *op)
>  		lookup_flags |= LOOKUP_BENEATH;
>  	if (how->resolve & RESOLVE_IN_ROOT)
>  		lookup_flags |= LOOKUP_IN_ROOT;
> +	if (how->resolve & RESOLVE_NO_TERMINAL_SYMLINKS)
> +		lookup_flags &= ~LOOKUP_FOLLOW;

Where's the RESOLVE_NO_TERMINAL_AUTOMOUNTS check?

metze



Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ