| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 28 Mar 2024 18:53:37 -0700
From: Daniel Rosenberg <drosen@...gle.com>
To: Miklos Szeredi <miklos@...redi.hu>, bpf@...r.kernel.org,
Alexei Starovoitov <ast@...nel.org>
Cc: Amir Goldstein <amir73il@...il.com>, linux-kernel@...r.kernel.org,
linux-fsdevel@...r.kernel.org, linux-unionfs@...r.kernel.org,
Daniel Borkmann <daniel@...earbox.net>, John Fastabend <john.fastabend@...il.com>,
Andrii Nakryiko <andrii@...nel.org>, Martin KaFai Lau <martin.lau@...ux.dev>, Song Liu <song@...nel.org>,
Eduard Zingerman <eddyz87@...il.com>, Yonghong Song <yonghong.song@...ux.dev>,
KP Singh <kpsingh@...nel.org>, Stanislav Fomichev <sdf@...gle.com>, Hao Luo <haoluo@...gle.com>,
Jiri Olsa <jolsa@...nel.org>, Shuah Khan <shuah@...nel.org>, Jonathan Corbet <corbet@....net>,
Joanne Koong <joannelkoong@...il.com>, Mykola Lysenko <mykolal@...com>,
Christian Brauner <brauner@...nel.org>, kernel-team@...roid.com,
Daniel Rosenberg <drosen@...gle.com>
Subject: [RFC PATCH v4 22/36] fuse-bpf: Add partial ioctl support
This adds passthrough only support for ioctls with fuse-bpf.
compat_ioctls will return -ENOTTY.
Signed-off-by: Daniel Rosenberg <drosen@...gle.com>
---
fs/fuse/backing.c | 13 +++++++++++++
fs/fuse/fuse_i.h | 2 ++
fs/fuse/ioctl.c | 9 +++++++++
3 files changed, 24 insertions(+)
diff --git a/fs/fuse/backing.c b/fs/fuse/backing.c
index b2df2469c29c..884c690becd5 100644
--- a/fs/fuse/backing.c
+++ b/fs/fuse/backing.c
@@ -1587,6 +1587,19 @@ int fuse_bpf_file_write_iter(ssize_t *out, struct inode *inode, struct kiocb *io
iocb, from);
}
+long fuse_backing_ioctl(struct file *file, unsigned int command, unsigned long arg, int flags)
+{
+ struct fuse_file *ff = file->private_data;
+ long ret;
+
+ if (flags & FUSE_IOCTL_COMPAT)
+ ret = -ENOTTY;
+ else
+ ret = vfs_ioctl(ff->backing_file, command, arg);
+
+ return ret;
+}
+
int fuse_file_flock_backing(struct file *file, int cmd, struct file_lock *fl)
{
struct fuse_file *ff = file->private_data;
diff --git a/fs/fuse/fuse_i.h b/fs/fuse/fuse_i.h
index e69f83616909..81639c006ac5 100644
--- a/fs/fuse/fuse_i.h
+++ b/fs/fuse/fuse_i.h
@@ -1651,6 +1651,8 @@ static inline int fuse_bpf_access(int *out, struct inode *inode, int mask)
#endif // CONFIG_FUSE_BPF
+long fuse_backing_ioctl(struct file *file, unsigned int command, unsigned long arg, int flags);
+
int fuse_file_flock_backing(struct file *file, int cmd, struct file_lock *fl);
ssize_t fuse_backing_mmap(struct file *file, struct vm_area_struct *vma);
diff --git a/fs/fuse/ioctl.c b/fs/fuse/ioctl.c
index 8929dfec4970..d40dace24d2b 100644
--- a/fs/fuse/ioctl.c
+++ b/fs/fuse/ioctl.c
@@ -360,6 +360,15 @@ long fuse_ioctl_common(struct file *file, unsigned int cmd,
if (fuse_is_bad(inode))
return -EIO;
+#ifdef CONFIG_FUSE_BPF
+ {
+ struct fuse_file *ff = file->private_data;
+
+ /* TODO - this is simply passthrough, not a proper BPF filter */
+ if (ff->backing_file)
+ return fuse_backing_ioctl(file, cmd, arg, flags);
+ }
+#endif
return fuse_do_ioctl(file, cmd, arg, flags);
}
--
2.44.0.478.gd926399ef9-goog
Powered by blists - more mailing lists