Message-ID: <CAPhsuW5BhAJ2md8EgVgKM4yiAgafnhxT9aj_a4HQkr=+=vug-g@mail.gmail.com>
Date: Mon, 2 Jun 2025 06:36:15 -0700
From: Song Liu <song@...nel.org>
To: Tingmao Wang <m@...wtm.org>
Cc: Mickaël Salaün <mic@...ikod.net>,
linux-fsdevel@...r.kernel.org, linux-security-module@...r.kernel.org,
bpf@...r.kernel.org, linux-kernel@...r.kernel.org, kernel-team@...a.com,
andrii@...nel.org, eddyz87@...il.com, ast@...nel.org, daniel@...earbox.net,
martin.lau@...ux.dev, viro@...iv.linux.org.uk, brauner@...nel.org,
jack@...e.cz, kpsingh@...nel.org, mattbobrowski@...gle.com,
amir73il@...il.com, repnop@...gle.com, jlayton@...nel.org,
josef@...icpanda.com, gnoack@...gle.com
Subject: Re: [PATCH bpf-next 2/4] landlock: Use path_parent()
On Sat, May 31, 2025 at 6:51 AM Tingmao Wang <m@...wtm.org> wrote:
[...]
> I'm not sure if the original behavior was intentional, but since this
> technically counts as a functional change, just pointing this out.

Thanks for pointing it out! I think it is possible to keep current
behavior. Or we can change the behavior and state that clearly
in the commit log. Mickaël, WDYT?

>
> Also I'm slightly worried about the performance overhead of doing
> path_connected for every hop in the iteration (but ultimately it's
> Mickaël's call). At least for Landlock, I think if we want to block all

Maybe we need a flag to path_parent (or path_walk_parent) so
that we only check for path_connected when necessary.

Thanks,
Song

> access to disconnected files, as long as we eventually realize we have
> been disconnected (by doing the "if dentry == path.mnt" check once when we
> reach root), and in that case deny access, we should be good.
>
>
> > @@ -918,12 +915,15 @@ static bool is_access_to_paths_allowed(
> > allowed_parent1 = true;
> > allowed_parent2 = true;
> > }
> > + goto walk_done;
> > + case PATH_PARENT_SAME_MOUNT:
> > break;
> > + default:
> > + WARN_ON_ONCE(1);
> > + goto walk_done;
> > }
> > - parent_dentry = dget_parent(walker_path.dentry);
> > - dput(walker_path.dentry);
> > - walker_path.dentry = parent_dentry;
> > }
> > +walk_done:
> > path_put(&walker_path);
> >
> > if (!allowed_parent1) {
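Review bot: In the new default: branch, WARN_ON_ONCE(1) is followed by goto walk_done while allowed_parent1 and allowed_parent2 keep whatever values the walk had reached, so the outcome for an unexpected path_parent() return value cannot be read from the hunk. The code after walk_done decides on !allowed_parent1, so consider setting both flags to false in that branch, or adding a comment stating why they are already false there, so that the unexpected case visibly fails closed. The same comment would help at the first added goto walk_done, where both flags have just been set to true and the loop is left early on purpose.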
>