lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 27 May 2021 15:29:20 +0800
From:   Menglong Dong <menglong8.dong@...il.com>
To:     Luis Chamberlain <mcgrof@...nel.org>
Cc:     Josh Triplett <josh@...htriplett.org>,
        "Eric W. Biederman" <ebiederm@...ssion.com>,
        Alexander Viro <viro@...iv.linux.org.uk>,
        Kees Cook <keescook@...omium.org>,
        Sami Tolvanen <samitolvanen@...gle.com>, ojeda@...nel.org,
        johan@...nel.org, Bjorn Helgaas <bhelgaas@...gle.com>,
        masahiroy@...nel.org, Menglong Dong <dong.menglong@....com.cn>,
        joe@...ches.com, Jens Axboe <axboe@...nel.dk>, hare@...e.de,
        Jan Kara <jack@...e.cz>, tj@...nel.org,
        gregkh@...uxfoundation.org, song@...nel.org,
        NeilBrown <neilb@...e.de>,
        Andrew Morton <akpm@...ux-foundation.org>,
        f.fainelli@...il.com, arnd@...db.de,
        Rasmus Villemoes <linux@...musvillemoes.dk>,
        wangkefeng.wang@...wei.com, Barret Rhoden <brho@...gle.com>,
        mhiramat@...nel.org, Steven Rostedt <rostedt@...dmis.org>,
        vbabka@...e.cz, Alexander Potapenko <glider@...gle.com>,
        pmladek@...e.com, Chris Down <chris@...isdown.name>,
        jojing64@...il.com, terrelln@...com, geert@...ux-m68k.org,
        mingo@...nel.org, linux-fsdevel@...r.kernel.org,
        LKML <linux-kernel@...r.kernel.org>, jeyu@...nel.org
Subject: Re: [PATCH v2 2/3] init/do_cmounts.c: introduce 'user_root' for initramfs

On Wed, May 26, 2021 at 5:03 PM Luis Chamberlain <mcgrof@...nel.org> wrote:
>
[...]
>
> I asked for the kconfig entry. And it would be good to document then

Wow, I didn't recognize it's you, haha~

> also the worst case expected on boot for what this could do to you. I
> mean, we are opening a different evil universe. So that's why the
> kconfig exists.  How bad and evil can this be?

I just dig into it a little deeper today. Except the boot time you
mentioned, I haven't dig out other bad case yet.

I don't think this will affect the path lookup you mentioned before.
As I know, all threads in kernel are using the same root, and after
change root to 'user root', path lookup will be inside this root.

One thing, the name of the root mount will change from 'rootfs' to 'tmpfs'
or 'ramfs'. Before this change, what you can see with 'mount' is:

$ mount
rootfs on / type rootfs (rw,size=903476k,nr_inodes=225869)

After this patch, it will become:

$ mount
tmpfs on / type tmpfs (rw,size=903476k,nr_inodes=225869)

I'm not sure if this is a risk. And I tried to change pivot_root to make
it support the root that have not a parent mount, but not success yet.
That seems much more complex.

Thanks!
Menglong Dong

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ