lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 16 Jan 2024 11:04:12 +0200
From: Amir Goldstein <amir73il@...il.com>
To: Sasha Levin <sashal@...nel.org>
Cc: linux-kernel@...r.kernel.org, stable@...r.kernel.org, 
	Miklos Szeredi <mszeredi@...hat.com>, Ian Kent <raven@...maw.net>, 
	Christian Brauner <brauner@...nel.org>, viro@...iv.linux.org.uk, linux-fsdevel@...r.kernel.org
Subject: Re: [PATCH AUTOSEL 6.1 12/14] add unique mount ID

On Tue, Jan 16, 2024 at 1:46 AM Sasha Levin <sashal@...nel.org> wrote:
>
> From: Miklos Szeredi <mszeredi@...hat.com>
>
> [ Upstream commit 98d2b43081972abeb5bb5a087bc3e3197531c46e ]
>
> If a mount is released then its mnt_id can immediately be reused.  This is
> bad news for user interfaces that want to uniquely identify a mount.
>

Sasha,

This is a new API, not a bug fix.
Maybe AUTOSEL was triggered by the words "This is bad news for user...."?

You have also selected this to other 6.*.y kernels.

Thanks,
Amir.


> Implementing a unique mount ID is trivial (use a 64bit counter).
> Unfortunately userspace assumes 32bit size and would overflow after the
> counter reaches 2^32.
>
> Introduce a new 64bit ID alongside the old one.  Initialize the counter to
> 2^32, this guarantees that the old and new IDs are never mixed up.
>
> Signed-off-by: Miklos Szeredi <mszeredi@...hat.com>
> Link: https://lore.kernel.org/r/20231025140205.3586473-2-mszeredi@redhat.com
> Reviewed-by: Ian Kent <raven@...maw.net>
> Signed-off-by: Christian Brauner <brauner@...nel.org>
> Signed-off-by: Sasha Levin <sashal@...nel.org>
> ---
>  fs/mount.h                | 3 ++-
>  fs/namespace.c            | 4 ++++
>  fs/stat.c                 | 9 +++++++--
>  include/uapi/linux/stat.h | 1 +
>  4 files changed, 14 insertions(+), 3 deletions(-)
>
> diff --git a/fs/mount.h b/fs/mount.h
> index 130c07c2f8d2..a14f762b3f29 100644
> --- a/fs/mount.h
> +++ b/fs/mount.h
> @@ -72,7 +72,8 @@ struct mount {
>         struct fsnotify_mark_connector __rcu *mnt_fsnotify_marks;
>         __u32 mnt_fsnotify_mask;
>  #endif
> -       int mnt_id;                     /* mount identifier */
> +       int mnt_id;                     /* mount identifier, reused */
> +       u64 mnt_id_unique;              /* mount ID unique until reboot */
>         int mnt_group_id;               /* peer group identifier */
>         int mnt_expiry_mark;            /* true if marked for expiry */
>         struct hlist_head mnt_pins;
> diff --git a/fs/namespace.c b/fs/namespace.c
> index e04a9e9e3f14..12c8e2eeda91 100644
> --- a/fs/namespace.c
> +++ b/fs/namespace.c
> @@ -68,6 +68,9 @@ static u64 event;
>  static DEFINE_IDA(mnt_id_ida);
>  static DEFINE_IDA(mnt_group_ida);
>
> +/* Don't allow confusion with old 32bit mount ID */
> +static atomic64_t mnt_id_ctr = ATOMIC64_INIT(1ULL << 32);
> +
>  static struct hlist_head *mount_hashtable __read_mostly;
>  static struct hlist_head *mountpoint_hashtable __read_mostly;
>  static struct kmem_cache *mnt_cache __read_mostly;
> @@ -130,6 +133,7 @@ static int mnt_alloc_id(struct mount *mnt)
>         if (res < 0)
>                 return res;
>         mnt->mnt_id = res;
> +       mnt->mnt_id_unique = atomic64_inc_return(&mnt_id_ctr);
>         return 0;
>  }
>
> diff --git a/fs/stat.c b/fs/stat.c
> index ef50573c72a2..a003e891a682 100644
> --- a/fs/stat.c
> +++ b/fs/stat.c
> @@ -232,8 +232,13 @@ static int vfs_statx(int dfd, struct filename *filename, int flags,
>
>         error = vfs_getattr(&path, stat, request_mask, flags);
>
> -       stat->mnt_id = real_mount(path.mnt)->mnt_id;
> -       stat->result_mask |= STATX_MNT_ID;
> +       if (request_mask & STATX_MNT_ID_UNIQUE) {
> +               stat->mnt_id = real_mount(path.mnt)->mnt_id_unique;
> +               stat->result_mask |= STATX_MNT_ID_UNIQUE;
> +       } else {
> +               stat->mnt_id = real_mount(path.mnt)->mnt_id;
> +               stat->result_mask |= STATX_MNT_ID;
> +       }
>
>         if (path.mnt->mnt_root == path.dentry)
>                 stat->attributes |= STATX_ATTR_MOUNT_ROOT;
> diff --git a/include/uapi/linux/stat.h b/include/uapi/linux/stat.h
> index 7cab2c65d3d7..2f2ee82d5517 100644
> --- a/include/uapi/linux/stat.h
> +++ b/include/uapi/linux/stat.h
> @@ -154,6 +154,7 @@ struct statx {
>  #define STATX_BTIME            0x00000800U     /* Want/got stx_btime */
>  #define STATX_MNT_ID           0x00001000U     /* Got stx_mnt_id */
>  #define STATX_DIOALIGN         0x00002000U     /* Want/got direct I/O alignment info */
> +#define STATX_MNT_ID_UNIQUE    0x00004000U     /* Want/got extended stx_mount_id */
>
>  #define STATX__RESERVED                0x80000000U     /* Reserved for future struct statx expansion */
>
> --
> 2.43.0
>
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ