| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAGudoHF5E=PSkJ6Gf7jOeU9Ry72QyNkanqQzMdmy_Kraj=SL+w@mail.gmail.com> Date: Mon, 7 Apr 2025 02:41:13 +0200 From: Mateusz Guzik <mjguzik@...il.com> To: Christian Brauner <brauner@...nel.org> Cc: Christoph Hellwig <hch@...radead.org>, Penglei Jiang <superman.xpt@...il.com>, viro@...iv.linux.org.uk, jack@...e.cz, linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org, syzbot+5d8e79d323a13aa0b248@...kaller.appspotmail.com Subject: Re: [PATCH] anon_inode: use a proper mode internally On Sun, Apr 6, 2025 at 9:51 PM Christian Brauner <brauner@...nel.org> wrote: > > > Anyway, I'm finishing the patch and testing tomorrow and will send out > > with all the things I mentioned (unless I find out I'm wrong). > > Found my notes about this. I knew I had notes about this somewhere... > It isn't possible to execute anoymous inodes because you cannot open > them. That includes stuff like: > > execveat(fd_anon_inode, "", NULL, NULL, AT_EMPTY_PATH) > > Look, anonymous inodes have inode->f_op set to no_open_fops which sets > no_open() which returns ENXIO. That means any call to do_dentry_open() > which is the endpoint of the do_open_execat() will fail. There's no > chance to execute an anonymous inode. Unless a given subsystem overrides > it ofc. > > I still agree that we need to be more coherent about this and we need to > improve various semantical quirks I pointed out. But the exec problem > isn't really an issue so the patch itself still seems correct to me. Ok, that makes sense. Thanks for the explanation. -- Mateusz Guzik <mjguzik gmail.com>
Powered by blists - more mailing lists