| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 26 Nov 2015 16:19:29 +0100
From: Hannes Frederic Sowa <hannes@...essinduktion.org>
To: Daniel Borkmann <daniel@...earbox.net>, stephen@...workplumber.org
Cc: ast@...nel.org, netdev@...r.kernel.org
Subject: Re: [PATCH iproute2 -next v2 4/5] {f,m}_bpf: allow updates on program
arrays
On Thu, Nov 26, 2015, at 15:38, Daniel Borkmann wrote:
> +static int bpf_mnt_fs(const char *target)
> +{
> + bool bind_done = false;
> +
> + while (mount("", target, "none", MS_PRIVATE | MS_REC, NULL)) {
> + if (errno != EINVAL || bind_done) {
> + fprintf(stderr, "mount --make-private %s failed:
> %s\n",
> + target, strerror(errno));
> + return -1;
> + }
> +
> + if (mount(target, target, "none", MS_BIND, NULL)) {
> + fprintf(stderr, "mount --bind %s %s failed:
> %s\n",
> + target, target, strerror(errno));
> + return -1;
> + }
> +
> + bind_done = true;
> + }
Why does user space actually still have to deal with setting the mount
point private? Isn't this handled by the kernel?
> + if (mount("bpf", target, "bpf", 0, NULL)) {
> + fprintf(stderr, "mount -t bpf bpf %s failed: %s\n",
> + target, strerror(errno));
> + return -1;
> + }
Shouldn't this be just enough?
> + return 0;
> +}
Thanks,
Hannes
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists