lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 28 Mar 2024 18:53:37 -0700
From: Daniel Rosenberg <drosen@...gle.com>
To: Miklos Szeredi <miklos@...redi.hu>, bpf@...r.kernel.org, 
	Alexei Starovoitov <ast@...nel.org>
Cc: Amir Goldstein <amir73il@...il.com>, linux-kernel@...r.kernel.org, 
	linux-fsdevel@...r.kernel.org, linux-unionfs@...r.kernel.org, 
	Daniel Borkmann <daniel@...earbox.net>, John Fastabend <john.fastabend@...il.com>, 
	Andrii Nakryiko <andrii@...nel.org>, Martin KaFai Lau <martin.lau@...ux.dev>, Song Liu <song@...nel.org>, 
	Eduard Zingerman <eddyz87@...il.com>, Yonghong Song <yonghong.song@...ux.dev>, 
	KP Singh <kpsingh@...nel.org>, Stanislav Fomichev <sdf@...gle.com>, Hao Luo <haoluo@...gle.com>, 
	Jiri Olsa <jolsa@...nel.org>, Shuah Khan <shuah@...nel.org>, Jonathan Corbet <corbet@....net>, 
	Joanne Koong <joannelkoong@...il.com>, Mykola Lysenko <mykolal@...com>, 
	Christian Brauner <brauner@...nel.org>, kernel-team@...roid.com, 
	Daniel Rosenberg <drosen@...gle.com>
Subject: [RFC PATCH v4 22/36] fuse-bpf: Add partial ioctl support

This adds passthrough only support for ioctls with fuse-bpf.
compat_ioctls will return -ENOTTY.

Signed-off-by: Daniel Rosenberg <drosen@...gle.com>
---
 fs/fuse/backing.c | 13 +++++++++++++
 fs/fuse/fuse_i.h  |  2 ++
 fs/fuse/ioctl.c   |  9 +++++++++
 3 files changed, 24 insertions(+)

diff --git a/fs/fuse/backing.c b/fs/fuse/backing.c
index b2df2469c29c..884c690becd5 100644
--- a/fs/fuse/backing.c
+++ b/fs/fuse/backing.c
@@ -1587,6 +1587,19 @@ int fuse_bpf_file_write_iter(ssize_t *out, struct inode *inode, struct kiocb *io
 				iocb, from);
 }
 
+long fuse_backing_ioctl(struct file *file, unsigned int command, unsigned long arg, int flags)
+{
+	struct fuse_file *ff = file->private_data;
+	long ret;
+
+	if (flags & FUSE_IOCTL_COMPAT)
+		ret = -ENOTTY;
+	else
+		ret = vfs_ioctl(ff->backing_file, command, arg);
+
+	return ret;
+}
+
 int fuse_file_flock_backing(struct file *file, int cmd, struct file_lock *fl)
 {
 	struct fuse_file *ff = file->private_data;
diff --git a/fs/fuse/fuse_i.h b/fs/fuse/fuse_i.h
index e69f83616909..81639c006ac5 100644
--- a/fs/fuse/fuse_i.h
+++ b/fs/fuse/fuse_i.h
@@ -1651,6 +1651,8 @@ static inline int fuse_bpf_access(int *out, struct inode *inode, int mask)
 
 #endif // CONFIG_FUSE_BPF
 
+long fuse_backing_ioctl(struct file *file, unsigned int command, unsigned long arg, int flags);
+
 int fuse_file_flock_backing(struct file *file, int cmd, struct file_lock *fl);
 ssize_t fuse_backing_mmap(struct file *file, struct vm_area_struct *vma);
 
diff --git a/fs/fuse/ioctl.c b/fs/fuse/ioctl.c
index 8929dfec4970..d40dace24d2b 100644
--- a/fs/fuse/ioctl.c
+++ b/fs/fuse/ioctl.c
@@ -360,6 +360,15 @@ long fuse_ioctl_common(struct file *file, unsigned int cmd,
 	if (fuse_is_bad(inode))
 		return -EIO;
 
+#ifdef CONFIG_FUSE_BPF
+	{
+		struct fuse_file *ff = file->private_data;
+
+		/* TODO - this is simply passthrough, not a proper BPF filter */
+		if (ff->backing_file)
+			return fuse_backing_ioctl(file, cmd, arg, flags);
+	}
+#endif
 	return fuse_do_ioctl(file, cmd, arg, flags);
 }
 
-- 
2.44.0.478.gd926399ef9-goog


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ