Message-ID: <202501051942.ltat2hZ8-lkp@intel.com>
Date: Sun, 5 Jan 2025 19:10:45 +0800
From: kernel test robot <lkp@...el.com>
To: Günther Noack <gnoack3000@...il.com>
Cc: oe-kbuild-all@...ts.linux.dev, linux-kernel@...r.kernel.org,
	Mickaël Salaün <mic@...ikod.net>
Subject: security/landlock/fs.c:480: warning: Function parameter or struct
 member '' not described in 'is_access_to_paths_allowed'

tree:   https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head:   ab75170520d4964f3acf8bb1f91d34cbc650688e
commit: 106794c46b13a2820d3954d7a2892fa1978b4162 landlock: Refactor check_access_path_dual() into is_access_to_paths_allowed()
date:   2 years, 3 months ago
config: csky-randconfig-r026-20230729 (https://download.01.org/0day-ci/archive/20250105/202501051942.ltat2hZ8-lkp@intel.com/config)
compiler: csky-linux-gcc (GCC) 12.4.0
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20250105/202501051942.ltat2hZ8-lkp@intel.com/reproduce)

If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@...el.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202501051942.ltat2hZ8-lkp@intel.com/

All warnings (new ones prefixed by >>):

   Use of uninitialized value $param in regexp compilation at scripts/kernel-doc line 1532, <IN_FILE> line 480.
   Use of uninitialized value $actual in substitution (s///) at scripts/kernel-doc line 1484, <IN_FILE> line 480.
   Use of uninitialized value $actual in substitution (s///) at scripts/kernel-doc line 1484, <IN_FILE> line 480.
   Use of uninitialized value $param in substitution (s///) at scripts/kernel-doc line 1588, <IN_FILE> line 480.
   Use of uninitialized value $param in pattern match (m//) at scripts/kernel-doc line 1616, <IN_FILE> line 480.
   Use of uninitialized value $param in hash element at scripts/kernel-doc line 1626, <IN_FILE> line 480.
   Use of uninitialized value $param in pattern match (m//) at scripts/kernel-doc line 1626, <IN_FILE> line 480.
   Use of uninitialized value $param in hash element at scripts/kernel-doc line 1627, <IN_FILE> line 480.
   Use of uninitialized value $param in pattern match (m//) at scripts/kernel-doc line 1629, <IN_FILE> line 480.
   Use of uninitialized value $param in concatenation (.) or string at scripts/kernel-doc line 1630, <IN_FILE> line 480.
>> security/landlock/fs.c:480: warning: Function parameter or struct member '' not described in 'is_access_to_paths_allowed'
   Use of uninitialized value $param in hash element at scripts/kernel-doc line 1645, <IN_FILE> line 480.
   Use of uninitialized value $param in regexp compilation at scripts/kernel-doc line 1532, <IN_FILE> line 480.
   Use of uninitialized value $actual in substitution (s///) at scripts/kernel-doc line 1484, <IN_FILE> line 480.
   Use of uninitialized value $actual in substitution (s///) at scripts/kernel-doc line 1484, <IN_FILE> line 480.
   Use of uninitialized value $param in substitution (s///) at scripts/kernel-doc line 1588, <IN_FILE> line 480.
   Use of uninitialized value $param in pattern match (m//) at scripts/kernel-doc line 1616, <IN_FILE> line 480.
   Use of uninitialized value $param in hash element at scripts/kernel-doc line 1626, <IN_FILE> line 480.
   Use of uninitialized value $param in hash element at scripts/kernel-doc line 1645, <IN_FILE> line 480.
   Use of uninitialized value $parameterlist[3] in join or string at scripts/kernel-doc line 1806, <IN_FILE> line 480.
   Use of uninitialized value $parameterlist[6] in join or string at scripts/kernel-doc line 1806, <IN_FILE> line 480.
>> security/landlock/fs.c:480: warning: Excess function parameter 'layer_masks_parent1' description in 'is_access_to_paths_allowed'
>> security/landlock/fs.c:480: warning: Excess function parameter 'layer_masks_parent2' description in 'is_access_to_paths_allowed'
   Use of uninitialized value $param in regexp compilation at scripts/kernel-doc line 1532, <IN_FILE> line 707.
   Use of uninitialized value $actual in substitution (s///) at scripts/kernel-doc line 1484, <IN_FILE> line 707.
   Use of uninitialized value $actual in substitution (s///) at scripts/kernel-doc line 1484, <IN_FILE> line 707.
   Use of uninitialized value $param in substitution (s///) at scripts/kernel-doc line 1588, <IN_FILE> line 707.
   Use of uninitialized value $param in pattern match (m//) at scripts/kernel-doc line 1616, <IN_FILE> line 707.
   Use of uninitialized value $param in hash element at scripts/kernel-doc line 1626, <IN_FILE> line 707.
   Use of uninitialized value $param in pattern match (m//) at scripts/kernel-doc line 1626, <IN_FILE> line 707.
   Use of uninitialized value $param in hash element at scripts/kernel-doc line 1627, <IN_FILE> line 707.
   Use of uninitialized value $param in pattern match (m//) at scripts/kernel-doc line 1629, <IN_FILE> line 707.
   Use of uninitialized value $param in concatenation (.) or string at scripts/kernel-doc line 1630, <IN_FILE> line 707.
   security/landlock/fs.c:707: warning: Function parameter or struct member '' not described in 'collect_domain_accesses'
   Use of uninitialized value $param in hash element at scripts/kernel-doc line 1645, <IN_FILE> line 707.
   Use of uninitialized value $parameterlist[3] in join or string at scripts/kernel-doc line 1806, <IN_FILE> line 707.
   security/landlock/fs.c:707: warning: Excess function parameter 'layer_masks_dom' description in 'collect_domain_accesses'


vim +480 security/landlock/fs.c

b91c3e4ea756b1 Mickaël Salaün 2022-05-06  431  
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  432  /**
106794c46b13a2 Günther Noack  2022-10-18  433   * is_access_to_paths_allowed - Check accesses for requests with a common path
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  434   *
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  435   * @domain: Domain to check against.
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  436   * @path: File hierarchy to walk through.
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  437   * @access_request_parent1: Accesses to check, once @layer_masks_parent1 is
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  438   *     equal to @layer_masks_parent2 (if any).  This is tied to the unique
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  439   *     requested path for most actions, or the source in case of a refer action
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  440   *     (i.e. rename or link), or the source and destination in case of
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  441   *     RENAME_EXCHANGE.
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  442   * @layer_masks_parent1: Pointer to a matrix of layer masks per access
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  443   *     masks, identifying the layers that forbid a specific access.  Bits from
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  444   *     this matrix can be unset according to the @path walk.  An empty matrix
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  445   *     means that @domain allows all possible Landlock accesses (i.e. not only
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  446   *     those identified by @access_request_parent1).  This matrix can
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  447   *     initially refer to domain layer masks and, when the accesses for the
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  448   *     destination and source are the same, to requested layer masks.
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  449   * @dentry_child1: Dentry to the initial child of the parent1 path.  This
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  450   *     pointer must be NULL for non-refer actions (i.e. not link nor rename).
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  451   * @access_request_parent2: Similar to @access_request_parent1 but for a
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  452   *     request involving a source and a destination.  This refers to the
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  453   *     destination, except in case of RENAME_EXCHANGE where it also refers to
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  454   *     the source.  Must be set to 0 when using a simple path request.
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  455   * @layer_masks_parent2: Similar to @layer_masks_parent1 but for a refer
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  456   *     action.  This must be NULL otherwise.
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  457   * @dentry_child2: Dentry to the initial child of the parent2 path.  This
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  458   *     pointer is only set for RENAME_EXCHANGE actions and must be NULL
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  459   *     otherwise.
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  460   *
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  461   * This helper first checks that the destination has a superset of restrictions
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  462   * compared to the source (if any) for a common path.  Because of
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  463   * RENAME_EXCHANGE actions, source and destinations may be swapped.  It then
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  464   * checks that the collected accesses and the remaining ones are enough to
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  465   * allow the request.
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  466   *
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  467   * Returns:
106794c46b13a2 Günther Noack  2022-10-18  468   * - true if the access request is granted;
106794c46b13a2 Günther Noack  2022-10-18  469   * - false otherwise.
106794c46b13a2 Günther Noack  2022-10-18  470   */
106794c46b13a2 Günther Noack  2022-10-18  471  static bool is_access_to_paths_allowed(
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  472  	const struct landlock_ruleset *const domain,
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  473  	const struct path *const path,
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  474  	const access_mask_t access_request_parent1,
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  475  	layer_mask_t (*const layer_masks_parent1)[LANDLOCK_NUM_ACCESS_FS],
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  476  	const struct dentry *const dentry_child1,
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  477  	const access_mask_t access_request_parent2,
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  478  	layer_mask_t (*const layer_masks_parent2)[LANDLOCK_NUM_ACCESS_FS],
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  479  	const struct dentry *const dentry_child2)
b91c3e4ea756b1 Mickaël Salaün 2022-05-06 @480  {
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  481  	bool allowed_parent1 = false, allowed_parent2 = false, is_dom_check,
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  482  	     child1_is_directory = true, child2_is_directory = true;
cb2c7d1a177605 Mickaël Salaün 2021-04-22  483  	struct path walker_path;
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  484  	access_mask_t access_masked_parent1, access_masked_parent2;
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  485  	layer_mask_t _layer_masks_child1[LANDLOCK_NUM_ACCESS_FS],
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  486  		_layer_masks_child2[LANDLOCK_NUM_ACCESS_FS];
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  487  	layer_mask_t(*layer_masks_child1)[LANDLOCK_NUM_ACCESS_FS] = NULL,
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  488  	(*layer_masks_child2)[LANDLOCK_NUM_ACCESS_FS] = NULL;
cb2c7d1a177605 Mickaël Salaün 2021-04-22  489  
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  490  	if (!access_request_parent1 && !access_request_parent2)
106794c46b13a2 Günther Noack  2022-10-18  491  		return true;
cb2c7d1a177605 Mickaël Salaün 2021-04-22  492  	if (WARN_ON_ONCE(!domain || !path))
106794c46b13a2 Günther Noack  2022-10-18  493  		return true;
9da82b20fde958 Mickaël Salaün 2022-05-06  494  	if (is_nouser_or_private(path->dentry))
106794c46b13a2 Günther Noack  2022-10-18  495  		return true;
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  496  	if (WARN_ON_ONCE(domain->num_layers < 1 || !layer_masks_parent1))
106794c46b13a2 Günther Noack  2022-10-18  497  		return false;
cb2c7d1a177605 Mickaël Salaün 2021-04-22  498  
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  499  	if (unlikely(layer_masks_parent2)) {
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  500  		if (WARN_ON_ONCE(!dentry_child1))
106794c46b13a2 Günther Noack  2022-10-18  501  			return false;
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  502  		/*
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  503  		 * For a double request, first check for potential privilege
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  504  		 * escalation by looking at domain handled accesses (which are
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  505  		 * a superset of the meaningful requested accesses).
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  506  		 */
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  507  		access_masked_parent1 = access_masked_parent2 =
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  508  			get_handled_accesses(domain);
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  509  		is_dom_check = true;
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  510  	} else {
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  511  		if (WARN_ON_ONCE(dentry_child1 || dentry_child2))
106794c46b13a2 Günther Noack  2022-10-18  512  			return false;
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  513  		/* For a simple request, only check for requested accesses. */
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  514  		access_masked_parent1 = access_request_parent1;
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  515  		access_masked_parent2 = access_request_parent2;
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  516  		is_dom_check = false;
8ba0005ff418ec Mickaël Salaün 2022-05-06  517  	}
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  518  
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  519  	if (unlikely(dentry_child1)) {
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  520  		unmask_layers(find_rule(domain, dentry_child1),
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  521  			      init_layer_masks(domain, LANDLOCK_MASK_ACCESS_FS,
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  522  					       &_layer_masks_child1),
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  523  			      &_layer_masks_child1);
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  524  		layer_masks_child1 = &_layer_masks_child1;
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  525  		child1_is_directory = d_is_dir(dentry_child1);
8ba0005ff418ec Mickaël Salaün 2022-05-06  526  	}
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  527  	if (unlikely(dentry_child2)) {
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  528  		unmask_layers(find_rule(domain, dentry_child2),
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  529  			      init_layer_masks(domain, LANDLOCK_MASK_ACCESS_FS,
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  530  					       &_layer_masks_child2),
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  531  			      &_layer_masks_child2);
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  532  		layer_masks_child2 = &_layer_masks_child2;
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  533  		child2_is_directory = d_is_dir(dentry_child2);
cb2c7d1a177605 Mickaël Salaün 2021-04-22  534  	}
cb2c7d1a177605 Mickaël Salaün 2021-04-22  535  
cb2c7d1a177605 Mickaël Salaün 2021-04-22  536  	walker_path = *path;
cb2c7d1a177605 Mickaël Salaün 2021-04-22  537  	path_get(&walker_path);
cb2c7d1a177605 Mickaël Salaün 2021-04-22  538  	/*
cb2c7d1a177605 Mickaël Salaün 2021-04-22  539  	 * We need to walk through all the hierarchy to not miss any relevant
cb2c7d1a177605 Mickaël Salaün 2021-04-22  540  	 * restriction.
cb2c7d1a177605 Mickaël Salaün 2021-04-22  541  	 */
cb2c7d1a177605 Mickaël Salaün 2021-04-22  542  	while (true) {
cb2c7d1a177605 Mickaël Salaün 2021-04-22  543  		struct dentry *parent_dentry;
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  544  		const struct landlock_rule *rule;
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  545  
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  546  		/*
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  547  		 * If at least all accesses allowed on the destination are
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  548  		 * already allowed on the source, respectively if there is at
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  549  		 * least as much as restrictions on the destination than on the
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  550  		 * source, then we can safely refer files from the source to
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  551  		 * the destination without risking a privilege escalation.
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  552  		 * This also applies in the case of RENAME_EXCHANGE, which
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  553  		 * implies checks on both direction.  This is crucial for
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  554  		 * standalone multilayered security policies.  Furthermore,
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  555  		 * this helps avoid policy writers to shoot themselves in the
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  556  		 * foot.
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  557  		 */
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  558  		if (unlikely(is_dom_check &&
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  559  			     no_more_access(
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  560  				     layer_masks_parent1, layer_masks_child1,
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  561  				     child1_is_directory, layer_masks_parent2,
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  562  				     layer_masks_child2,
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  563  				     child2_is_directory))) {
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  564  			allowed_parent1 = scope_to_request(
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  565  				access_request_parent1, layer_masks_parent1);
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  566  			allowed_parent2 = scope_to_request(
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  567  				access_request_parent2, layer_masks_parent2);
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  568  
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  569  			/* Stops when all accesses are granted. */
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  570  			if (allowed_parent1 && allowed_parent2)
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  571  				break;
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  572  
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  573  			/*
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  574  			 * Now, downgrades the remaining checks from domain
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  575  			 * handled accesses to requested accesses.
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  576  			 */
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  577  			is_dom_check = false;
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  578  			access_masked_parent1 = access_request_parent1;
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  579  			access_masked_parent2 = access_request_parent2;
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  580  		}
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  581  
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  582  		rule = find_rule(domain, walker_path.dentry);
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  583  		allowed_parent1 = unmask_layers(rule, access_masked_parent1,
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  584  						layer_masks_parent1);
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  585  		allowed_parent2 = unmask_layers(rule, access_masked_parent2,
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  586  						layer_masks_parent2);
cb2c7d1a177605 Mickaël Salaün 2021-04-22  587  
cb2c7d1a177605 Mickaël Salaün 2021-04-22  588  		/* Stops when a rule from each layer grants access. */
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  589  		if (allowed_parent1 && allowed_parent2)
cb2c7d1a177605 Mickaël Salaün 2021-04-22  590  			break;
cb2c7d1a177605 Mickaël Salaün 2021-04-22  591  
cb2c7d1a177605 Mickaël Salaün 2021-04-22  592  jump_up:
cb2c7d1a177605 Mickaël Salaün 2021-04-22  593  		if (walker_path.dentry == walker_path.mnt->mnt_root) {
cb2c7d1a177605 Mickaël Salaün 2021-04-22  594  			if (follow_up(&walker_path)) {
cb2c7d1a177605 Mickaël Salaün 2021-04-22  595  				/* Ignores hidden mount points. */
cb2c7d1a177605 Mickaël Salaün 2021-04-22  596  				goto jump_up;
cb2c7d1a177605 Mickaël Salaün 2021-04-22  597  			} else {
cb2c7d1a177605 Mickaël Salaün 2021-04-22  598  				/*
cb2c7d1a177605 Mickaël Salaün 2021-04-22  599  				 * Stops at the real root.  Denies access
cb2c7d1a177605 Mickaël Salaün 2021-04-22  600  				 * because not all layers have granted access.
cb2c7d1a177605 Mickaël Salaün 2021-04-22  601  				 */
cb2c7d1a177605 Mickaël Salaün 2021-04-22  602  				break;
cb2c7d1a177605 Mickaël Salaün 2021-04-22  603  			}
cb2c7d1a177605 Mickaël Salaün 2021-04-22  604  		}
cb2c7d1a177605 Mickaël Salaün 2021-04-22  605  		if (unlikely(IS_ROOT(walker_path.dentry))) {
cb2c7d1a177605 Mickaël Salaün 2021-04-22  606  			/*
cb2c7d1a177605 Mickaël Salaün 2021-04-22  607  			 * Stops at disconnected root directories.  Only allows
cb2c7d1a177605 Mickaël Salaün 2021-04-22  608  			 * access to internal filesystems (e.g. nsfs, which is
cb2c7d1a177605 Mickaël Salaün 2021-04-22  609  			 * reachable through /proc/<pid>/ns/<namespace>).
cb2c7d1a177605 Mickaël Salaün 2021-04-22  610  			 */
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  611  			allowed_parent1 = allowed_parent2 =
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  612  				!!(walker_path.mnt->mnt_flags & MNT_INTERNAL);
cb2c7d1a177605 Mickaël Salaün 2021-04-22  613  			break;
cb2c7d1a177605 Mickaël Salaün 2021-04-22  614  		}
cb2c7d1a177605 Mickaël Salaün 2021-04-22  615  		parent_dentry = dget_parent(walker_path.dentry);
cb2c7d1a177605 Mickaël Salaün 2021-04-22  616  		dput(walker_path.dentry);
cb2c7d1a177605 Mickaël Salaün 2021-04-22  617  		walker_path.dentry = parent_dentry;
cb2c7d1a177605 Mickaël Salaün 2021-04-22  618  	}
cb2c7d1a177605 Mickaël Salaün 2021-04-22  619  	path_put(&walker_path);
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  620  
106794c46b13a2 Günther Noack  2022-10-18  621  	return allowed_parent1 && allowed_parent2;
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  622  }
b91c3e4ea756b1 Mickaël Salaün 2022-05-06  623  

:::::: The code at line 480 was first introduced by commit
:::::: b91c3e4ea756b12b7d992529226edce1cfd854d7 landlock: Add support for file reparenting with LANDLOCK_ACCESS_FS_REFER

:::::: TO: Mickaël Salaün <mic@...ikod.net>
:::::: CC: Mickaël Salaün <mic@...ikod.net>

-- 
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
