| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-id: <173891122321.22054.758548441508211924@noble.neil.brown.name> Date: Fri, 07 Feb 2025 17:53:43 +1100 From: "NeilBrown" <neilb@...e.de> To: "Kent Overstreet" <kent.overstreet@...ux.dev> Cc: "Christian Brauner" <brauner@...nel.org>, "Alexander Viro" <viro@...iv.linux.org.uk>, "Jan Kara" <jack@...e.cz>, "Greg Kroah-Hartman" <gregkh@...uxfoundation.org>, "Rafael J. Wysocki" <rafael@...nel.org>, "Danilo Krummrich" <dakr@...nel.org>, "Trond Myklebust" <trondmy@...nel.org>, "Anna Schumaker" <anna@...nel.org>, "Namjae Jeon" <linkinjeon@...nel.org>, "Steve French" <sfrench@...ba.org>, "Sergey Senozhatsky" <senozhatsky@...omium.org>, "Tom Talpey" <tom@...pey.com>, "Paul Moore" <paul@...l-moore.com>, "Eric Paris" <eparis@...hat.com>, linux-kernel@...r.kernel.org, linux-bcachefs@...r.kernel.org, linux-fsdevel@...r.kernel.org, linux-nfs@...r.kernel.org, linux-cifs@...r.kernel.org, audit@...r.kernel.org Subject: Re: [PATCH 1/2] VFS: change kern_path_locked() and user_path_locked_at() to never return negative dentry On Fri, 07 Feb 2025, NeilBrown wrote: > On Fri, 07 Feb 2025, Kent Overstreet wrote: > > On Fri, Feb 07, 2025 at 02:36:47PM +1100, NeilBrown wrote: > > > No callers of kern_path_locked() or user_path_locked_at() want a > > > negative dentry. So change them to return -ENOENT instead. This > > > simplifies callers. > > > > > > This results in a subtle change to bcachefs in that an ioctl will now > > > return -ENOENT in preference to -EXDEV. I believe this restores the > > > behaviour to what it was prior to > > > > I'm not following how the code change matches the commit message? > > Maybe it doesn't. Let me checked. > > Two of the possible error returns from bch2_ioctl_subvolume_destroy(), > which implements the BCH_IOCTL_SUBVOLUME_DESTROY ioctl, are -ENOENT and > -EXDEV. > > -ENOENT is returned if the path named in arg.dst_ptr cannot be found. > -EXDEV is returned if the filesystem on which that path exists is not > the one that the ioctl is called on. > > If the target filesystem is "/foo" and the path given is "/bar/baz" and > /bar exists but /bar/baz does not, then user_path_locked_at or > user_path_at will return a negative dentry corresponding to the > (non-existent) name "baz" in /bar. > > In this case the dentry exists so the filesystem on which it was found > can be tested, but the dentry is negative. So both -ENOENT and -EXDEV > are credible return values. > > > - before bbe6a7c899e7 the -EXDEV is tested immediately after the call > to user_path_at() so there is no chance that ENOENT will be returned. > I cannot actually find where ENOENT could be returned ... but that > doesn't really matter now. No, that's not right. user_path_at() never returns a negative dentry. It isn't documented and I tried reading the code instead of looking at callers. So before that commit it DID return ENOENT rather than -EXDEV where as after that commit it returns -EXDEV rather than -ENOENT. So my patch IS restoring the old behaviour. Are you *sure* you want -EXDEV when given a non-existent path? Thanks, NeilBrown > > - after that patch .... again the -EXDEV test comes first. That isn't > what I remember. I must have misread it. > > - after my patch user_path_locked_at() will return -ENOENT if the whole > name cannot be found. So now you get -ENOENT instead of -EXDEV. > > So with my patch, ENOENT always wins, and it was never like that before. > Thanks for challenging me! > > Do you think there could be a problem with changing the error returned > in this circumstance? i.e. if you try to destroy a subvolume with a > non-existant name on a different filesystem could getting -ENOENT > instead of -EXDEV be noticed? > > Thanks, > NeilBrown > >
Powered by blists - more mailing lists