| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20220117134352.866706-2-zhang.yunkai@zte.com.cn>
Date: Mon, 17 Jan 2022 13:43:51 +0000
From: cgel.zte@...il.com
To: mhiramat@...nel.org
Cc: viro@...iv.linux.org.uk, keescook@...omium.org,
samitolvanen@...gle.com, ojeda@...nel.org, johan@...nel.org,
bhelgaas@...gle.com, elver@...gle.com, masahiroy@...nel.org,
zhang.yunkai@....com.cn, axboe@...nel.dk, vgoyal@...hat.com,
jack@...e.cz, leon@...nel.org, akpm@...ux-foundation.org,
rppt@...nel.org, linux@...musvillemoes.dk,
palmerdabbelt@...gle.com, f.fainelli@...il.com,
wangkefeng.wang@...wei.com, rostedt@...dmis.org,
ahalaney@...hat.com, valentin.schneider@....com,
peterz@...radead.org, geert@...ux-m68k.org,
linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
Menglong Dong <dong.menglong@....com.cn>
Subject: [PATCH v7 1/2] init/main.c: introduce function ramdisk_exec_exist()
From: Zhang Yunkai <zhang.yunkai@....com.cn>
Introduce the function ramdisk_exec_exist, which is used to check the
exist of 'ramdisk_execute_command'.
To make path lookup follow the mount on '/', use vfs_path_lookup() in
init_eaccess(), and make the filesystem that mounted on '/' as root
during path lookup.
Reported-by: Menglong Dong <dong.menglong@....com.cn>
Signed-off-by: Zhang Yunkai <zhang.yunkai@....com.cn>
---
fs/init.c | 11 +++++++++--
include/linux/init.h | 1 +
init/main.c | 7 ++++++-
3 files changed, 16 insertions(+), 3 deletions(-)
diff --git a/fs/init.c b/fs/init.c
index 5c36adaa9b44..166356a1f15f 100644
--- a/fs/init.c
+++ b/fs/init.c
@@ -112,14 +112,21 @@ int __init init_chmod(const char *filename, umode_t mode)
int __init init_eaccess(const char *filename)
{
- struct path path;
+ struct path path, root;
int error;
- error = kern_path(filename, LOOKUP_FOLLOW, &path);
+ error = kern_path("/", LOOKUP_DOWN, &root);
if (error)
return error;
+ error = vfs_path_lookup(root.dentry, root.mnt, filename,
+ LOOKUP_FOLLOW, &path);
+ if (error)
+ goto on_err;
error = path_permission(&path, MAY_ACCESS);
+
path_put(&path);
+on_err:
+ path_put(&root);
return error;
}
diff --git a/include/linux/init.h b/include/linux/init.h
index d82b4b2e1d25..889d538b6dfa 100644
--- a/include/linux/init.h
+++ b/include/linux/init.h
@@ -149,6 +149,7 @@ extern unsigned int reset_devices;
void setup_arch(char **);
void prepare_namespace(void);
void __init init_rootfs(void);
+bool ramdisk_exec_exist(void);
extern struct file_system_type rootfs_fs_type;
#if defined(CONFIG_STRICT_KERNEL_RWX) || defined(CONFIG_STRICT_MODULE_RWX)
diff --git a/init/main.c b/init/main.c
index bb984ed79de0..ed1c63f4ed87 100644
--- a/init/main.c
+++ b/init/main.c
@@ -1577,6 +1577,11 @@ void __init console_on_rootfs(void)
fput(file);
}
+bool __init ramdisk_exec_exist(void)
+{
+ return init_eaccess(ramdisk_execute_command) == 0;
+}
+
static noinline void __init kernel_init_freeable(void)
{
/* Now the scheduler is fully set up and can do blocking allocations */
@@ -1618,7 +1623,7 @@ static noinline void __init kernel_init_freeable(void)
* check if there is an early userspace init. If yes, let it do all
* the work
*/
- if (init_eaccess(ramdisk_execute_command) != 0) {
+ if (!ramdisk_exec_exist()) {
ramdisk_execute_command = NULL;
prepare_namespace();
}
--
2.25.1
Powered by blists - more mailing lists