| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAHC9VhTnVg-5C75qY8NkfKs4tjbVz62Vk=SVXS2mwH0f3ftLhQ@mail.gmail.com>
Date: Fri, 7 Feb 2025 14:09:55 -0500
From: Paul Moore <paul@...l-moore.com>
To: NeilBrown <neilb@...e.de>
Cc: Christian Brauner <brauner@...nel.org>, Alexander Viro <viro@...iv.linux.org.uk>, Jan Kara <jack@...e.cz>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>, "Rafael J. Wysocki" <rafael@...nel.org>,
Danilo Krummrich <dakr@...nel.org>, Kent Overstreet <kent.overstreet@...ux.dev>,
Trond Myklebust <trondmy@...nel.org>, Anna Schumaker <anna@...nel.org>,
Namjae Jeon <linkinjeon@...nel.org>, Steve French <sfrench@...ba.org>,
Sergey Senozhatsky <senozhatsky@...omium.org>, Tom Talpey <tom@...pey.com>,
Eric Paris <eparis@...hat.com>, linux-kernel@...r.kernel.org,
linux-bcachefs@...r.kernel.org, linux-fsdevel@...r.kernel.org,
linux-nfs@...r.kernel.org, linux-cifs@...r.kernel.org, audit@...r.kernel.org
Subject: Re: [PATCH 1/2] VFS: change kern_path_locked() and
user_path_locked_at() to never return negative dentry
On Thu, Feb 6, 2025 at 10:41 PM NeilBrown <neilb@...e.de> wrote:
>
> No callers of kern_path_locked() or user_path_locked_at() want a
> negative dentry. So change them to return -ENOENT instead. This
> simplifies callers.
>
> This results in a subtle change to bcachefs in that an ioctl will now
> return -ENOENT in preference to -EXDEV. I believe this restores the
> behaviour to what it was prior to
> Commit bbe6a7c899e7 ("bch2_ioctl_subvolume_destroy(): fix locking")
>
> Signed-off-by: NeilBrown <neilb@...e.de>
> ---
> drivers/base/devtmpfs.c | 65 +++++++++++++++++++----------------------
> fs/bcachefs/fs-ioctl.c | 4 ---
> fs/namei.c | 4 +++
> kernel/audit_watch.c | 12 ++++----
> 4 files changed, 40 insertions(+), 45 deletions(-)
...
> diff --git a/kernel/audit_watch.c b/kernel/audit_watch.c
> index 7f358740e958..e3130675ee6b 100644
> --- a/kernel/audit_watch.c
> +++ b/kernel/audit_watch.c
> @@ -350,11 +350,10 @@ static int audit_get_nd(struct audit_watch *watch, struct path *parent)
> struct dentry *d = kern_path_locked(watch->path, parent);
> if (IS_ERR(d))
> return PTR_ERR(d);
> - if (d_is_positive(d)) {
> - /* update watch filter fields */
> - watch->dev = d->d_sb->s_dev;
> - watch->ino = d_backing_inode(d)->i_ino;
> - }
> + /* update watch filter fields */
> + watch->dev = d->d_sb->s_dev;
> + watch->ino = d_backing_inode(d)->i_ino;
> +
> inode_unlock(d_backing_inode(parent->dentry));
> dput(d);
> return 0;
> @@ -419,7 +418,7 @@ int audit_add_watch(struct audit_krule *krule, struct list_head **list)
> /* caller expects mutex locked */
> mutex_lock(&audit_filter_mutex);
>
> - if (ret) {
> + if (ret && ret != -ENOENT) {
> audit_put_watch(watch);
> return ret;
> }
> @@ -438,6 +437,7 @@ int audit_add_watch(struct audit_krule *krule, struct list_head **list)
>
> h = audit_hash_ino((u32)watch->ino);
> *list = &audit_inode_hash[h];
> + ret = 0;
If you have to respin this patch for any reason I'd prefer to move the
'ret = 0' up to just after the if block you're modifying in the chunk
above, but that's a trivial nitpick so please don't respin only for
that. Otherwise it looks fine to me from an audit perspective.
Acked-by: Paul Moore <paul@...l-moore.com> (Audit)
> error:
> path_put(&parent_path);
> audit_put_watch(watch);
> --
> 2.47.1
--
paul-moore.com
Powered by blists - more mailing lists