lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20240820062922.GJ504335@ZenIV>
Date: Tue, 20 Aug 2024 07:29:22 +0100
From: Al Viro <viro@...iv.linux.org.uk>
To: Song Liu <songliubraving@...a.com>
Cc: Christian Brauner <brauner@...nel.org>,
	Mickaël Salaün <mic@...ikod.net>,
	Song Liu <song@...nel.org>, bpf <bpf@...r.kernel.org>,
	Linux-Fsdevel <linux-fsdevel@...r.kernel.org>,
	LKML <linux-kernel@...r.kernel.org>,
	Kernel Team <kernel-team@...a.com>,
	"andrii@...nel.org" <andrii@...nel.org>,
	"eddyz87@...il.com" <eddyz87@...il.com>,
	"ast@...nel.org" <ast@...nel.org>,
	"daniel@...earbox.net" <daniel@...earbox.net>,
	"martin.lau@...ux.dev" <martin.lau@...ux.dev>,
	"jack@...e.cz" <jack@...e.cz>,
	"kpsingh@...nel.org" <kpsingh@...nel.org>,
	"mattbobrowski@...gle.com" <mattbobrowski@...gle.com>,
	Liam Wisehart <liamwisehart@...a.com>, Liang Tang <lltang@...a.com>,
	Shankaran Gnanashanmugam <shankaran@...a.com>,
	LSM List <linux-security-module@...r.kernel.org>
Subject: Re: [PATCH bpf-next 2/2] selftests/bpf: Add tests for
 bpf_get_dentry_xattr

On Mon, Aug 19, 2024 at 08:25:38PM +0000, Song Liu wrote:

> int bpf_get_parent_path(struct path *p) {
> again:
>     if (p->dentry == p->mnt.mnt_root) {
>         follow_up(p);
>         goto again;
>     }
>     if (unlikely(IS_ROOT(p->dentry))) {
>         return PARENT_WALK_DONE;  
>     }
>     parent_dentry = dget_parent(p->dentry);
>     dput(p->dentry);
>     p->dentry = parent_dentry;
>     return PARENT_WALK_NEXT; 
> }
> 
> This will handle the mount. However, we cannot guarantee deny-by-default
> policies like LandLock does, because this is just a building block of 
> some security policies. 

You do realize that above is racy as hell, right?

Filesystem objects do get moved around.  You can, theoretically, play with
rename_lock, but that is highly antisocial.

What's more, _mounts_ can get moved around.  That is to say, there is no
such thing as stable canonical pathname of a file.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ