lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 14 May 2021 14:20:53 +0200
From:   Petr Vorel <petr.vorel@...il.com>
To:     Heiko Thiery <heiko.thiery@...il.com>
Cc:     David Ahern <dsahern@...il.com>, netdev@...r.kernel.org,
        linux-kernel@...r.kernel.org, stephen@...workplumber.org,
        Dmitry Yakunin <zeil@...dex-team.ru>
Subject: Re: [PATCH iproute2-next v3] lib/fs: fix issue when
 {name,open}_to_handle_at() is not implemented

> Hi David,

> Am Mo., 10. Mai 2021 um 00:20 Uhr schrieb David Ahern <dsahern@...il.com>:

> > On 5/8/21 12:49 AM, Heiko Thiery wrote:
> > > With commit d5e6ee0dac64 the usage of functions name_to_handle_at() and
> > > open_by_handle_at() are introduced. But these function are not available
> > > e.g. in uclibc-ng < 1.0.35. To have a backward compatibility check for the
> > > availability in the configure script and in case of absence do a direct
> > > syscall.

> > > Fixes: d5e6ee0dac64 ("ss: introduce cgroup2 cache and helper functions")
> > > Cc: Dmitry Yakunin <zeil@...dex-team.ru>
> > > Cc: Petr Vorel <petr.vorel@...il.com>
> > > Signed-off-by: Heiko Thiery <heiko.thiery@...il.com>
> > > ---
> > > v3:
> > >  - use correct syscall number (thanks to Petr Vorel)
> > >  - add #include <sys/syscall.h> (thanks to Petr Vorel)
> > >  - remove bogus parameters (thanks to Petr Vorel)
> > >  - fix #ifdef (thanks to Petr Vorel)
> > >  - added Fixes tag (thanks to David Ahern)
> > >  - build test with buildroot 2020.08.3 using uclibc 1.0.34

> > > v2:
> > >  - small correction to subject
> > >  - removed IP_CONFIG_HANDLE_AT:=y option since it is not required
> > >  - fix indentation in check function
> > >  - removed empty lines (thanks to Petr Vorel)
> > >  - add #define _GNU_SOURCE in check (thanks to Petr Vorel)
> > >  - check only for name_to_handle_at (thanks to Petr Vorel)

> > >  configure | 28 ++++++++++++++++++++++++++++
> > >  lib/fs.c  | 25 +++++++++++++++++++++++++
> > >  2 files changed, 53 insertions(+)

> > > diff --git a/configure b/configure
> > > index 2c363d3b..179eae08 100755
> > > --- a/configure
> > > +++ b/configure
> > > @@ -202,6 +202,31 @@ EOF
> > >      rm -f $TMPDIR/setnstest.c $TMPDIR/setnstest
> > >  }

> > > +check_name_to_handle_at()
> > > +{
> > > +    cat >$TMPDIR/name_to_handle_at_test.c <<EOF
> > > +#define _GNU_SOURCE
> > > +#include <sys/types.h>
> > > +#include <sys/stat.h>
> > > +#include <fcntl.h>
> > > +int main(int argc, char **argv)
> > > +{
> > > +     struct file_handle *fhp;
> > > +     int mount_id, flags, dirfd;
> > > +     char *pathname;
> > > +     name_to_handle_at(dirfd, pathname, fhp, &mount_id, flags);
> > > +     return 0;
> > > +}
> > > +EOF
> > > +    if $CC -I$INCLUDE -o $TMPDIR/name_to_handle_at_test $TMPDIR/name_to_handle_at_test.c >/dev/null 2>&1; then
> > > +        echo "yes"
> > > +        echo "CFLAGS += -DHAVE_HANDLE_AT" >>$CONFIG
> > > +    else
> > > +        echo "no"
> > > +    fi
> > > +    rm -f $TMPDIR/name_to_handle_at_test.c $TMPDIR/name_to_handle_at_test
> > > +}
> > > +
> > >  check_ipset()
> > >  {
> > >      cat >$TMPDIR/ipsettest.c <<EOF
> > > @@ -492,6 +517,9 @@ fi
> > >  echo -n "libc has setns: "
> > >  check_setns

> > > +echo -n "libc has name_to_handle_at: "
> > > +check_name_to_handle_at
> > > +
> > >  echo -n "SELinux support: "
> > >  check_selinux

> > > diff --git a/lib/fs.c b/lib/fs.c
> > > index f161d888..05697a7e 100644
> > > --- a/lib/fs.c
> > > +++ b/lib/fs.c
> > > @@ -25,11 +25,36 @@

> > >  #include "utils.h"

> > > +#ifndef HAVE_HANDLE_AT
> > > +# include <sys/syscall.h>
> > > +#endif
> > > +
> > >  #define CGROUP2_FS_NAME "cgroup2"

> > >  /* if not already mounted cgroup2 is mounted here for iproute2's use */
> > >  #define MNT_CGRP2_PATH  "/var/run/cgroup2"

> > > +
> > > +#ifndef HAVE_HANDLE_AT
> > > +struct file_handle {
> > > +     unsigned handle_bytes;
> > > +     int handle_type;
> > > +     unsigned char f_handle[];
> > > +};
> > > +
> > > +static int name_to_handle_at(int dirfd, const char *pathname,
> > > +     struct file_handle *handle, int *mount_id, int flags)
> > > +{
> > > +     return syscall(__NR_name_to_handle_at, dirfd, pathname, handle,
> > > +                    mount_id, flags);
> > > +}
> > > +
> > > +static int open_by_handle_at(int mount_fd, struct file_handle *handle, int flags)
> > > +{
> > > +     return syscall(__NR_open_by_handle_at, mount_fd, handle, flags);
> > > +}
> > > +#endif
> > > +
> > >  /* return mount path of first occurrence of given fstype */
> > >  static char *find_fs_mount(const char *fs_to_find)
> > >  {


> > This causes compile failures if anyone is reusing a tree. It would be
> > good to require config.mk to be updated if configure is newer.

> Do you mean the config.mk should have a dependency to configure in the
> Makefile? Wouldn't that be better as a separate patch?

I guess it should be a separate patch. I'm surprised it wasn't needed before.

Kind regards,
Petr

> Thanks

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ