| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CANaxB-zRh1=Azkx3fO4tmUAwzjQVE=-0=PeTN9aM1MxK1UzM+Q@mail.gmail.com> Date: Tue, 2 Dec 2025 07:52:15 -0800 From: Andrei Vagin <avagin@...il.com> To: Bhavik Sachdev <b.sachdev1904@...il.com> Cc: Alexander Viro <viro@...iv.linux.org.uk>, Christian Brauner <brauner@...nel.org>, Shuah Khan <shuah@...nel.org>, linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org, linux-kselftest@...r.kernel.org, criu@...ts.linux.dev, Jan Kara <jack@...e.cz>, Jeff Layton <jlayton@...nel.org>, Aleksa Sarai <cyphar@...har.com>, Miklos Szeredi <miklos@...redi.hu>, Pavel Tikhomirov <ptikhomirov@...tuozzo.com>, Alexander Mikhalitsyn <alexander@...alicyn.com>, John Hubbard <jhubbard@...dia.com>, Amir Goldstein <amir73il@...il.com>, "Martin K . Petersen" <martin.petersen@...cle.com>, Andrew Donnellan <ajd@...ux.ibm.com> Subject: Re: [PATCH v7 2/3] statmount: accept fd as a parameter On Sat, Nov 29, 2025 at 1:15 AM Bhavik Sachdev <b.sachdev1904@...il.com> wrote: > > Extend `struct mnt_id_req` to take in a fd and introduce STATMOUNT_BY_FD > flag. When a valid fd is provided and STATMOUNT_BY_FD is set, statmount > will return mountinfo about the mount the fd is on. > > This even works for "unmounted" mounts (mounts that have been umounted > using umount2(mnt, MNT_DETACH)), if you have access to a file descriptor > on that mount. These "umounted" mounts will have no mountpoint and no > valid mount namespace. Hence, we unset the STATMOUNT_MNT_POINT and > STATMOUNT_MNT_NS_ID in statmount.mask for "unmounted" mounts. > > In case of STATMOUNT_BY_FD, given that we already have access to an fd > on the mount, accessing mount information without a capability check > seems fine because of the following reasons: > > - All fs related information is available via fstatfs() without any > capability check. > - Mount information is also available via /proc/pid/mountinfo (without > any capability check). > - Given that we have access to a fd on the mount which tells us that we > had access to the mount at some point (or someone that had access gave > us the fd). So, we should be able to access mount info. > Acked-by: Andrei Vagin <avagin@...il.com> > Co-developed-by: Pavel Tikhomirov <ptikhomirov@...tuozzo.com> > Signed-off-by: Pavel Tikhomirov <ptikhomirov@...tuozzo.com> > Signed-off-by: Bhavik Sachdev <b.sachdev1904@...il.com> > --- > fs/namespace.c | 102 ++++++++++++++++++++++++------------- > include/uapi/linux/mount.h | 10 +++- > 2 files changed, 76 insertions(+), 36 deletions(-) > > diff --git a/fs/namespace.c b/fs/namespace.c > index ee36d67f1ac2..73ffa1fbdad7 100644 > --- a/fs/namespace.c > +++ b/fs/namespace.c > @@ -5563,31 +5563,49 @@ static int grab_requested_root(struct mnt_namespace *ns, struct path *root) > > /* locks: namespace_shared */ > static int do_statmount(struct kstatmount *s, u64 mnt_id, u64 mnt_ns_id, > - struct mnt_namespace *ns) > + struct file *mnt_file, struct mnt_namespace *ns) no spaces at the start of a line, code indent should use tabs. ./scripts/checkpatch.pl can help to avoid this sort of typos. Thanks, Andrei
Powered by blists - more mailing lists