| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <b027d66d-c021-4a95-af1f-b5bc2b9b4c33@bootlin.com>
Date: Fri, 28 Feb 2025 15:43:32 +0100
From: Louis Chauvet <louis.chauvet@...tlin.com>
To: José Expósito <jose.exposito89@...il.com>
Cc: hamohammed.sa@...il.com, simona@...ll.ch, melissa.srw@...il.com,
maarten.lankhorst@...ux.intel.com, mripard@...nel.org, tzimmermann@...e.de,
airlied@...il.com, dri-devel@...ts.freedesktop.org,
linux-kernel@...r.kernel.org
Subject: [PATCH 1/2] configfs: Add mechanism to prevent symlink deletion
Introduce a new mechanism in configfs to prevent the deletion of certain
symlink.
This is particularly useful in scenarios where userspace should not be
allowed
to modify the configfs structure under some conditions, such as in VKMS.
Signed-off-by: Louis Chauvet <louis.chauvet@...tlin.com>
---
drivers/gpu/drm/vkms/vkms_configfs.c | 20 ++++++++++++++++++++
fs/configfs/symlink.c | 12 +++++++++---
include/linux/configfs.h | 1 +
3 files changed, 30 insertions(+), 3 deletions(-)
diff --git a/drivers/gpu/drm/vkms/vkms_configfs.c
b/drivers/gpu/drm/vkms/vkms_configfs.c
index f0813536be12..8a7d954399e9 100644
--- a/drivers/gpu/drm/vkms/vkms_configfs.c
+++ b/drivers/gpu/drm/vkms/vkms_configfs.c
@@ -295,8 +295,28 @@ static void plane_possible_crtcs_drop_link(struct
config_item *src,
mutex_unlock(&plane->dev->lock);
}
+static int plane_possible_crtcs_allow_drop_link(struct config_item *src,
+ struct config_item *target)
+{
+ struct vkms_configfs_plane *plane;
+ struct vkms_configfs_crtc *crtc;
+ bool enabled;
+
+ plane = plane_possible_crtcs_item_to_vkms_configfs_plane(src);
+ crtc = crtc_item_to_vkms_configfs_crtc(target);
+
+ mutex_lock(&plane->dev->lock);
+ enabled = plane->dev->enabled;
+ mutex_unlock(&plane->dev->lock);
+
+ if (enabled)
+ return -EBUSY;
+ return 0;
+}
+
static struct configfs_item_operations
plane_possible_crtcs_item_operations = {
.allow_link = plane_possible_crtcs_allow_link,
+ .allow_drop_link = plane_possible_crtcs_allow_drop_link,
.drop_link = plane_possible_crtcs_drop_link,
};
diff --git a/fs/configfs/symlink.c b/fs/configfs/symlink.c
index 69133ec1fac2..925e2e15eb9b 100644
--- a/fs/configfs/symlink.c
+++ b/fs/configfs/symlink.c
@@ -233,6 +233,13 @@ int configfs_unlink(struct inode *dir, struct
dentry *dentry)
parent_item = configfs_get_config_item(dentry->d_parent);
type = parent_item->ci_type;
+ if (type && type->ct_item_ops &&
+ type->ct_item_ops->allow_drop_link) {
+ ret = type->ct_item_ops->allow_drop_link(parent_item,
target_sd->s_element);
+ if (ret)
+ goto out_put;
+ }
+
spin_lock(&configfs_dirent_lock);
list_del_init(&sd->s_sibling);
spin_unlock(&configfs_dirent_lock);
@@ -255,10 +262,9 @@ int configfs_unlink(struct inode *dir, struct
dentry *dentry)
spin_unlock(&configfs_dirent_lock);
configfs_put(target_sd);
- config_item_put(parent_item);
-
ret = 0;
-
+out_put:
+ config_item_put(parent_item);
out:
return ret;
}
diff --git a/include/linux/configfs.h b/include/linux/configfs.h
index c771e9d0d0b9..7fc52a78d6cd 100644
--- a/include/linux/configfs.h
+++ b/include/linux/configfs.h
@@ -208,6 +208,7 @@ static struct configfs_bin_attribute
_pfx##attr_##_name = { \
struct configfs_item_operations {
void (*release)(struct config_item *);
int (*allow_link)(struct config_item *src, struct config_item *target);
+ int (*allow_drop_link)(struct config_item *src, struct config_item
*target);
void (*drop_link)(struct config_item *src, struct config_item *target);
};
--
2.48.1
Powered by blists - more mailing lists