| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20210604120727.58410-2-dong.menglong@zte.com.cn>
Date: Fri, 4 Jun 2021 05:07:25 -0700
From: menglong8.dong@...il.com
To: christian.brauner@...ntu.com
Cc: viro@...iv.linux.org.uk, keescook@...omium.org,
samitolvanen@...gle.com, ojeda@...nel.org, johan@...nel.org,
elver@...gle.com, masahiroy@...nel.org, dong.menglong@....com.cn,
joe@...ches.com, axboe@...nel.dk, hare@...e.de, jack@...e.cz,
gregkh@...uxfoundation.org, tj@...nel.org, song@...nel.org,
neilb@...e.de, akpm@...ux-foundation.org, f.fainelli@...il.com,
arnd@...db.de, palmerdabbelt@...gle.com,
wangkefeng.wang@...wei.com, linux@...musvillemoes.dk,
brho@...gle.com, mhiramat@...nel.org, rostedt@...dmis.org,
vbabka@...e.cz, pmladek@...e.com, glider@...gle.com,
chris@...isdown.name, ebiederm@...ssion.com, jojing64@...il.com,
geert@...ux-m68k.org, mingo@...nel.org, terrelln@...com,
linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
mcgrof@...nel.org, jeyu@...nel.org, bhelgaas@...gle.com,
josh@...htriplett.org
Subject: [PATCH v5 1/3] init/main.c: introduce function ramdisk_exec_exist()
From: Menglong Dong <dong.menglong@....com.cn>
Introduce the function ramdisk_exec_exist, which is used to check the
exist of 'ramdisk_execute_command'.
To make path lookup follow the mount on '/', use vfs_path_lookup() in
init_eaccess(), and make the filesystem that mounted on '/' as root
during path lookup.
Signed-off-by: Menglong Dong <dong.menglong@....com.cn>
---
fs/init.c | 11 +++++++++--
include/linux/init.h | 1 +
init/main.c | 7 ++++++-
3 files changed, 16 insertions(+), 3 deletions(-)
diff --git a/fs/init.c b/fs/init.c
index 5c36adaa9b44..166356a1f15f 100644
--- a/fs/init.c
+++ b/fs/init.c
@@ -112,14 +112,21 @@ int __init init_chmod(const char *filename, umode_t mode)
int __init init_eaccess(const char *filename)
{
- struct path path;
+ struct path path, root;
int error;
- error = kern_path(filename, LOOKUP_FOLLOW, &path);
+ error = kern_path("/", LOOKUP_DOWN, &root);
if (error)
return error;
+ error = vfs_path_lookup(root.dentry, root.mnt, filename,
+ LOOKUP_FOLLOW, &path);
+ if (error)
+ goto on_err;
error = path_permission(&path, MAY_ACCESS);
+
path_put(&path);
+on_err:
+ path_put(&root);
return error;
}
diff --git a/include/linux/init.h b/include/linux/init.h
index d82b4b2e1d25..889d538b6dfa 100644
--- a/include/linux/init.h
+++ b/include/linux/init.h
@@ -149,6 +149,7 @@ extern unsigned int reset_devices;
void setup_arch(char **);
void prepare_namespace(void);
void __init init_rootfs(void);
+bool ramdisk_exec_exist(void);
extern struct file_system_type rootfs_fs_type;
#if defined(CONFIG_STRICT_KERNEL_RWX) || defined(CONFIG_STRICT_MODULE_RWX)
diff --git a/init/main.c b/init/main.c
index eb01e121d2f1..1153571ca977 100644
--- a/init/main.c
+++ b/init/main.c
@@ -1522,6 +1522,11 @@ void __init console_on_rootfs(void)
fput(file);
}
+bool __init ramdisk_exec_exist(void)
+{
+ return init_eaccess(ramdisk_execute_command) == 0;
+}
+
static noinline void __init kernel_init_freeable(void)
{
/*
@@ -1568,7 +1573,7 @@ static noinline void __init kernel_init_freeable(void)
* check if there is an early userspace init. If yes, let it do all
* the work
*/
- if (init_eaccess(ramdisk_execute_command) != 0) {
+ if (!ramdisk_exec_exist()) {
ramdisk_execute_command = NULL;
prepare_namespace();
}
--
2.32.0.rc0
Powered by blists - more mailing lists