| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 28 Jul 2023 15:05:06 +0200
From: Alexey Gladkov <legion@...nel.org>
To: Aleksa Sarai <cyphar@...har.com>
Cc: Alexander Viro <viro@...iv.linux.org.uk>,
Christian Brauner <brauner@...nel.org>,
linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
Palmer Dabbelt <palmer@...ive.com>,
Arnd Bergmann <arnd@...db.de>
Subject: Re: [PATCH] fchmodat2: add support for AT_EMPTY_PATH
On Fri, Jul 28, 2023 at 09:58:26PM +1000, Aleksa Sarai wrote:
> This allows userspace to avoid going through /proc/self/fd when dealing
> with all types of file descriptors for chmod(), and makes fchmodat2() a
> proper superset of all other chmod syscalls.
>
> The primary difference between fchmodat2(AT_EMPTY_PATH) and fchmod() is
> that fchmod() doesn't operate on O_PATH file descriptors by design. To
> quote open(2):
>
> > O_PATH (since Linux 2.6.39)
> > [...]
> > The file itself is not opened, and other file operations (e.g.,
> > read(2), write(2), fchmod(2), fchown(2), fgetxattr(2), ioctl(2),
> > mmap(2)) fail with the error EBADF.
>
> However, procfs has allowed userspace to do this operation ever since
> the introduction of O_PATH through magic-links, so adding this feature
> is only an improvement for programs that have to mess around with
> /proc/self/fd/$n today to get this behaviour. In addition,
> fchownat(AT_EMPTY_PATH) has existed since the introduction of O_PATH and
> allows chown() operations directly on O_PATH descriptors.
>
> Signed-off-by: Aleksa Sarai <cyphar@...har.com>
It seems to me that this makes sense for fchmodat2.
Acked-by: Alexey Gladkov <legion@...nel.org>
> ---
> fs/open.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/fs/open.c b/fs/open.c
> index e52d78e5a333..b8883ec286f5 100644
> --- a/fs/open.c
> +++ b/fs/open.c
> @@ -678,10 +678,12 @@ static int do_fchmodat(int dfd, const char __user *filename, umode_t mode,
> int error;
> unsigned int lookup_flags;
>
> - if (unlikely(flags & ~AT_SYMLINK_NOFOLLOW))
> + if (unlikely(flags & ~(AT_SYMLINK_NOFOLLOW | AT_EMPTY_PATH)))
> return -EINVAL;
>
> lookup_flags = (flags & AT_SYMLINK_NOFOLLOW) ? 0 : LOOKUP_FOLLOW;
> + if (flags & AT_EMPTY_PATH)
> + lookup_flags |= LOOKUP_EMPTY;
>
> retry:
> error = user_path_at(dfd, filename, lookup_flags, &path);
>
> ---
> base-commit: 4859c257d295949c23f4074850a8c2ec31357abb
> change-id: 20230728-fchmodat2-at_empty_path-310cf40c921f
>
> Best regards,
> --
> Aleksa Sarai <cyphar@...har.com>
>
--
Rgrds, legion
Powered by blists - more mailing lists