lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <iddnfcdrppivtq53zrajuiidfmg6sw6bxdg57j2ielnnor4mlk@i7ddvvhfu7dm>
Date: Sat, 13 Dec 2025 19:44:29 +0100
From: Alejandro Colomar <alx@...nel.org>
To: Alyssa Ross <hi@...ssa.is>
Cc: Christian Brauner <brauner@...nel.org>, 
	Al Viro <viro@...iv.linux.org.uk>, linux-kernel@...r.kernel.org, linux-man@...r.kernel.org
Subject: Re: [PATCH] man/man2/setns.2: clarify type of nsfs fd required

Hi Alyssa,

On Sat, Dec 13, 2025 at 06:58:53PM +0100, Alyssa Ross wrote:
> I was surprised to discover than an O_PATH file descriptor was
> insufficient.

How did you discover it?  Could you please link to relevant information
(or kernel sources)?

> Since the mode of nsfs files is always 0444, tell
> callers to always a file descriptor opened for reading.

Missing 'use'?

> 
> Signed-off-by: Alyssa Ross <hi@...ssa.is>


Have a lovely night!
Alex

> ---
>  man/man2/setns.2 | 8 +++++++-
>  1 file changed, 7 insertions(+), 1 deletion(-)
> 
> diff --git a/man/man2/setns.2 b/man/man2/setns.2
> index ea6a9c054..ed4937280 100644
> --- a/man/man2/setns.2
> +++ b/man/man2/setns.2
> @@ -23,7 +23,7 @@ The
>  .I fd
>  argument is one of the following:
>  .IP \[bu] 3
> -a file descriptor referring to one of the magic links in a
> +a file descriptor opened for reading one of the magic links in a
>  .IR /proc/ pid /ns/
>  directory (or a bind mount to such a link);
>  .IP \[bu]
> @@ -265,6 +265,12 @@ is set to indicate the error.
>  .I fd
>  is not a valid file descriptor.
>  .TP
> +.B EBADF
> +.I fd
> +is an
> +.B O_PATH
> +file descriptor.
> +.TP
>  .B EINVAL
>  .I fd
>  refers to a namespace whose type does not match that specified in
> 
> base-commit: 46950a0845de91c422efe6c639091ace42cb92f8
> -- 
> 2.51.0
> 

-- 
<https://www.alejandro-colomar.es>

Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ