From: "J. R. Okajima" <hooanon05@yahoo.co.jp>
To: "Aneesh Kumar K. V" <aneesh.kumar@linux.vnet.ibm.com>
Cc: Dave Chinner <david@fromorbit.com>,
hch@infradead.org, viro@zeniv.linux.org.uk, adilger@sun.com,
corbet@lwn.net, serue@us.ibm.com, neilb@suse.de,
linux-fsdevel@vger.kernel.org, sfrench@us.ibm.com,
philippe.deniel@CEA.FR, linux-kernel@vger.kernel.org
Subject: Re: [PATCH -V8 2/9] vfs: Add name to file handle conversion support
Date: Wed, 19 May 2010 22:50:09 +0900 [thread overview]
Message-ID: <14013.1274277009@jrobl> (raw)
In-Reply-To: <87aarwkzsi.fsf@linux.vnet.ibm.com>
"Aneesh Kumar K. V":
> How about the below patch ?
>
> commit 5f421ffbe9dd7bb84c5992b1725c06b511bc76d8
> Author: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
> Date: Wed May 19 14:52:44 2010 +0530
>
> vfs: Return ENOSYS if CONFIG_EXPORTFS is not enabled
Of course, I have no objection. :-)
Let me make sure some other issues.
If a malicious user passes altered dirfd or handle parameters, then
these things may happen.
- opens another file.
But it should not be a security hole, because finish_open_handle()
calls may_open() and the permission bits are tested expectedly.
- kernel crashes.
If s_export_op->fh_to_dentry() expects the passed handle is always
correct, then it may crash. But this is a problem of FS, instead of
open_by_handle().
- returns an error.
It is a matter of the application.
Right?
And the decode routine may return an anonymous (disconnected) dentry.
In this case, if LSM detects something wrong and produces a message,
then the filename will not be printed correctly.
This is not a problem of open_by_handle() either. Right?
J. R. Okajima
next prev parent reply other threads:[~2010-05-19 13:56 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-05-17 5:33 [PATCH -V8 0/9] Generic name to handle and open by handle syscalls Aneesh Kumar K.V
2010-05-17 5:33 ` [PATCH -V8 1/9] exportfs: Return the minimum required handle size Aneesh Kumar K.V
2010-05-17 5:33 ` [PATCH -V8 2/9] vfs: Add name to file handle conversion support Aneesh Kumar K.V
2010-05-18 2:33 ` J. R. Okajima
2010-05-18 5:40 ` Aneesh Kumar K. V
2010-05-18 6:18 ` J. R. Okajima
2010-05-18 6:58 ` Aneesh Kumar K. V
2010-05-18 6:43 ` Dave Chinner
2010-05-18 10:17 ` Aneesh Kumar K. V
2010-05-19 7:15 ` J. R. Okajima
2010-05-19 8:52 ` Aneesh Kumar K. V
2010-05-19 9:26 ` Aneesh Kumar K. V
2010-05-19 13:50 ` J. R. Okajima [this message]
2010-05-17 5:33 ` [PATCH -V8 3/9] vfs: Add open by file handle support Aneesh Kumar K.V
2010-05-17 5:33 ` [PATCH -V8 4/9] vfs: Allow handle based open on symlinks Aneesh Kumar K.V
2010-05-17 5:33 ` [PATCH -V8 5/9] vfs: Support null pathname in readlink Aneesh Kumar K.V
2010-05-17 5:33 ` [PATCH -V8 6/9] ext4: Add get_fsid callback Aneesh Kumar K.V
2010-05-17 5:33 ` [PATCH -V8 7/9] x86: Add new syscalls for x86_32 Aneesh Kumar K.V
2010-05-17 5:33 ` [PATCH -V8 8/9] x86: Add new syscalls for x86_64 Aneesh Kumar K.V
2010-05-17 5:33 ` [PATCH -V8 9/9] ext3: Add get_fsid callback Aneesh Kumar K.V
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=14013.1274277009@jrobl \
--to=hooanon05@yahoo.co.jp \
--cc=adilger@sun.com \
--cc=aneesh.kumar@linux.vnet.ibm.com \
--cc=corbet@lwn.net \
--cc=david@fromorbit.com \
--cc=hch@infradead.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=neilb@suse.de \
--cc=philippe.deniel@CEA.FR \
--cc=serue@us.ibm.com \
--cc=sfrench@us.ibm.com \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.