From: Al Viro <viro@zeniv.linux.org.uk>
To: Aleksa Sarai <cyphar@cyphar.com>
Cc: Jeff Layton <jlayton@kernel.org>,
"J. Bruce Fields" <bfields@fieldses.org>,
Arnd Bergmann <arnd@arndb.de>,
David Howells <dhowells@redhat.com>,
Shuah Khan <shuah@kernel.org>,
Shuah Khan <skhan@linuxfoundation.org>,
Ingo Molnar <mingo@redhat.com>,
Peter Zijlstra <peterz@infradead.org>,
Christian Brauner <christian.brauner@ubuntu.com>,
David Drysdale <drysdale@google.com>,
Andy Lutomirski <luto@kernel.org>,
Linus Torvalds <torvalds@linux-foundation.org>,
Eric Biederman <ebiederm@xmission.com>,
Andrew Morton <akpm@linux-foundation.org>,
Alexei Starovoitov <ast@kernel.org>,
Kees Cook <keescook@chromium.org>, Jann Horn <jannh@google.com>,
Tycho Andersen <tycho@tycho.ws>, Chanho Min <chanho.min@lge.com>,
Oleg Nesterov <oleg@redhat.com>,
Ras
Subject: Re: [PATCH v15 3/9] namei: LOOKUP_NO_XDEV: block mountpoint crossing
Date: Wed, 13 Nov 2019 01:36:30 +0000 [thread overview]
Message-ID: <20191113013630.GZ26530@ZenIV.linux.org.uk> (raw)
In-Reply-To: <20191105090553.6350-4-cyphar@cyphar.com>
On Tue, Nov 05, 2019 at 08:05:47PM +1100, Aleksa Sarai wrote:
> @@ -862,6 +870,8 @@ static int nd_jump_root(struct nameidata *nd)
> void nd_jump_link(struct path *path)
> {
> struct nameidata *nd = current->nameidata;
> +
> + nd->last_magiclink.same_mnt = (nd->path.mnt == path->mnt);
> path_put(&nd->path);
>
> nd->path = *path;
> @@ -1082,6 +1092,10 @@ const char *get_link(struct nameidata *nd)
> if (nd->flags & LOOKUP_MAGICLINK_JUMPED) {
> if (unlikely(nd->flags & LOOKUP_NO_MAGICLINKS))
> return ERR_PTR(-ELOOP);
> + if (unlikely(nd->flags & LOOKUP_NO_XDEV)) {
> + if (!nd->last_magiclink.same_mnt)
> + return ERR_PTR(-EXDEV);
> + }
> }
Ugh... Wouldn't it be better to take that logics (some equivalent thereof)
into nd_jump_link()? Or just have nd_jump_link() return an error...
I mean, look at the callers of nd_jump_link().
static const char *policy_get_link(struct dentry *dentry,
struct inode *inode,
struct delayed_call *done)
{
struct aa_ns *ns;
struct path path;
if (!dentry)
return ERR_PTR(-ECHILD);
ns = aa_get_current_ns();
path.mnt = mntget(aafs_mnt);
path.dentry = dget(ns_dir(ns));
nd_jump_link(&path);
aa_put_ns(ns);
return NULL;
}
- very close to the end of ->get_link() instance.
static const char *proc_pid_get_link(struct dentry *dentry,
struct inode *inode,
struct delayed_call *done)
{
struct path path;
int error = -EACCES;
if (!dentry)
return ERR_PTR(-ECHILD);
/* Are we allowed to snoop on the tasks file descriptors? */
if (!proc_fd_access_allowed(inode))
goto out;
error = PROC_I(inode)->op.proc_get_link(dentry, &path);
if (error)
goto out;
nd_jump_link(&path);
return NULL;
out:
return ERR_PTR(error);
}
Ditto.
static const char *proc_ns_get_link(struct dentry *dentry,
struct inode *inode,
struct delayed_call *done)
{
const struct proc_ns_operations *ns_ops = PROC_I(inode)->ns_ops;
struct task_struct *task;
struct path ns_path;
void *error = ERR_PTR(-EACCES);
if (!dentry)
return ERR_PTR(-ECHILD);
task = get_proc_task(inode);
if (!task)
return error;
if (ptrace_may_access(task, PTRACE_MODE_READ_FSCREDS)) {
error = ns_get_path(&ns_path, task, ns_ops);
if (!error)
nd_jump_link(&ns_path);
}
put_task_struct(task);
return error;
}
The same. And that's it - there's no more of them. So how about
this in the beginning of the series, then having your magiclink
error handling done in nd_jump_link()?
diff --git a/fs/namei.c b/fs/namei.c
index 671c3c1a3425..8ec924813c30 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -859,7 +859,7 @@ static int nd_jump_root(struct nameidata *nd)
* Helper to directly jump to a known parsed path from ->get_link,
* caller must have taken a reference to path beforehand.
*/
-void nd_jump_link(struct path *path)
+const char *nd_jump_link(struct path *path)
{
struct nameidata *nd = current->nameidata;
path_put(&nd->path);
@@ -867,6 +867,7 @@ void nd_jump_link(struct path *path)
nd->path = *path;
nd->inode = nd->path.dentry->d_inode;
nd->flags |= LOOKUP_JUMPED;
+ return NULL;
}
static inline void put_link(struct nameidata *nd)
diff --git a/fs/proc/base.c b/fs/proc/base.c
index ebea9501afb8..ac4e57a3dfa5 100644
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -1626,8 +1626,7 @@ static const char *proc_pid_get_link(struct dentry *dentry,
if (error)
goto out;
- nd_jump_link(&path);
- return NULL;
+ return nd_jump_link(&path);
out:
return ERR_PTR(error);
}
diff --git a/fs/proc/namespaces.c b/fs/proc/namespaces.c
index dd2b35f78b09..dde0c501b2f3 100644
--- a/fs/proc/namespaces.c
+++ b/fs/proc/namespaces.c
@@ -54,7 +54,7 @@ static const char *proc_ns_get_link(struct dentry *dentry,
if (ptrace_may_access(task, PTRACE_MODE_READ_FSCREDS)) {
error = ns_get_path(&ns_path, task, ns_ops);
if (!error)
- nd_jump_link(&ns_path);
+ error = nd_jump_link(&ns_path);
}
put_task_struct(task);
return error;
diff --git a/include/linux/namei.h b/include/linux/namei.h
index 397a08ade6a2..f3e8438e5631 100644
--- a/include/linux/namei.h
+++ b/include/linux/namei.h
@@ -68,7 +68,7 @@ extern int follow_up(struct path *);
extern struct dentry *lock_rename(struct dentry *, struct dentry *);
extern void unlock_rename(struct dentry *, struct dentry *);
-extern void nd_jump_link(struct path *path);
+extern const char *nd_jump_link(struct path *path);
static inline void nd_terminate_link(void *name, size_t len, size_t maxlen)
{
diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c
index 45d13b6462aa..98aef94b4777 100644
--- a/security/apparmor/apparmorfs.c
+++ b/security/apparmor/apparmorfs.c
@@ -2453,18 +2453,16 @@ static const char *policy_get_link(struct dentry *dentry,
struct inode *inode,
struct delayed_call *done)
{
- struct aa_ns *ns;
- struct path path;
-
- if (!dentry)
- return ERR_PTR(-ECHILD);
- ns = aa_get_current_ns();
- path.mnt = mntget(aafs_mnt);
- path.dentry = dget(ns_dir(ns));
- nd_jump_link(&path);
- aa_put_ns(ns);
-
- return NULL;
+ const char *err = ERR_PTR(-ECHILD);
+
+ if (dentry) {
+ struct aa_ns *ns = aa_get_current_ns();
+ struct path path = {.mnt = mntget(aafs_mnt),
+ .dentry = ns_dir(ns)};
+ err = nd_jump_link(&path);
+ aa_put_ns(ns);
+ }
+ return err;
}
static int policy_readlink(struct dentry *dentry, char __user *buffer,
WARNING: multiple messages have this Message-ID (diff)
From: Al Viro <viro@zeniv.linux.org.uk>
To: Aleksa Sarai <cyphar@cyphar.com>
Cc: Jeff Layton <jlayton@kernel.org>,
"J. Bruce Fields" <bfields@fieldses.org>,
Arnd Bergmann <arnd@arndb.de>,
David Howells <dhowells@redhat.com>,
Shuah Khan <shuah@kernel.org>,
Shuah Khan <skhan@linuxfoundation.org>,
Ingo Molnar <mingo@redhat.com>,
Peter Zijlstra <peterz@infradead.org>,
Christian Brauner <christian.brauner@ubuntu.com>,
David Drysdale <drysdale@google.com>,
Andy Lutomirski <luto@kernel.org>,
Linus Torvalds <torvalds@linux-foundation.org>,
Eric Biederman <ebiederm@xmission.com>,
Andrew Morton <akpm@linux-foundation.org>,
Alexei Starovoitov <ast@kernel.org>,
Kees Cook <keescook@chromium.org>, Jann Horn <jannh@google.com>,
Tycho Andersen <tycho@tycho.ws>, Chanho Min <chanho.min@lge.com>,
Oleg Nesterov <oleg@redhat.com>,
Rasmus Villemoes <linux@rasmusvillemoes.dk>,
Alexander Shishkin <alexander.shishkin@linux.intel.com>,
Jiri Olsa <jolsa@redhat.com>, Namhyung Kim <namhyung@kernel.org>,
Christian Brauner <christian@brauner.io>,
Aleksa Sarai <asarai@suse.de>,
containers@lists.linux-foundation.org,
linux-alpha@vger.kernel.org, linux-api@vger.kernel.org,
libc-alpha@sourceware.org, linux-arch@vger.kernel.org,
linux-arm-kernel@lists.infradead.org,
linux-fsdevel@vger.kernel.org, linux-ia64@vger.kernel.org,
linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org,
linux-m68k@lists.linux-m68k.org, linux-mips@vger.kernel.org,
linux-parisc@vger.kernel.org, linuxppc-dev@lists.ozlabs.org,
linux-s390@vger.kernel.org, linux-sh@vger.kernel.org,
linux-xtensa@linux-xtensa.org, sparclinux@vger.kernel.org
Subject: Re: [PATCH v15 3/9] namei: LOOKUP_NO_XDEV: block mountpoint crossing
Date: Wed, 13 Nov 2019 01:36:30 +0000 [thread overview]
Message-ID: <20191113013630.GZ26530@ZenIV.linux.org.uk> (raw)
Message-ID: <20191113013630.iBrbbu7rPqwAFTrk73K3NEFIU3k5ZeDlWO8VWbAi5AY@z> (raw)
In-Reply-To: <20191105090553.6350-4-cyphar@cyphar.com>
On Tue, Nov 05, 2019 at 08:05:47PM +1100, Aleksa Sarai wrote:
> @@ -862,6 +870,8 @@ static int nd_jump_root(struct nameidata *nd)
> void nd_jump_link(struct path *path)
> {
> struct nameidata *nd = current->nameidata;
> +
> + nd->last_magiclink.same_mnt = (nd->path.mnt == path->mnt);
> path_put(&nd->path);
>
> nd->path = *path;
> @@ -1082,6 +1092,10 @@ const char *get_link(struct nameidata *nd)
> if (nd->flags & LOOKUP_MAGICLINK_JUMPED) {
> if (unlikely(nd->flags & LOOKUP_NO_MAGICLINKS))
> return ERR_PTR(-ELOOP);
> + if (unlikely(nd->flags & LOOKUP_NO_XDEV)) {
> + if (!nd->last_magiclink.same_mnt)
> + return ERR_PTR(-EXDEV);
> + }
> }
Ugh... Wouldn't it be better to take that logics (some equivalent thereof)
into nd_jump_link()? Or just have nd_jump_link() return an error...
I mean, look at the callers of nd_jump_link().
static const char *policy_get_link(struct dentry *dentry,
struct inode *inode,
struct delayed_call *done)
{
struct aa_ns *ns;
struct path path;
if (!dentry)
return ERR_PTR(-ECHILD);
ns = aa_get_current_ns();
path.mnt = mntget(aafs_mnt);
path.dentry = dget(ns_dir(ns));
nd_jump_link(&path);
aa_put_ns(ns);
return NULL;
}
- very close to the end of ->get_link() instance.
static const char *proc_pid_get_link(struct dentry *dentry,
struct inode *inode,
struct delayed_call *done)
{
struct path path;
int error = -EACCES;
if (!dentry)
return ERR_PTR(-ECHILD);
/* Are we allowed to snoop on the tasks file descriptors? */
if (!proc_fd_access_allowed(inode))
goto out;
error = PROC_I(inode)->op.proc_get_link(dentry, &path);
if (error)
goto out;
nd_jump_link(&path);
return NULL;
out:
return ERR_PTR(error);
}
Ditto.
static const char *proc_ns_get_link(struct dentry *dentry,
struct inode *inode,
struct delayed_call *done)
{
const struct proc_ns_operations *ns_ops = PROC_I(inode)->ns_ops;
struct task_struct *task;
struct path ns_path;
void *error = ERR_PTR(-EACCES);
if (!dentry)
return ERR_PTR(-ECHILD);
task = get_proc_task(inode);
if (!task)
return error;
if (ptrace_may_access(task, PTRACE_MODE_READ_FSCREDS)) {
error = ns_get_path(&ns_path, task, ns_ops);
if (!error)
nd_jump_link(&ns_path);
}
put_task_struct(task);
return error;
}
The same. And that's it - there's no more of them. So how about
this in the beginning of the series, then having your magiclink
error handling done in nd_jump_link()?
diff --git a/fs/namei.c b/fs/namei.c
index 671c3c1a3425..8ec924813c30 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -859,7 +859,7 @@ static int nd_jump_root(struct nameidata *nd)
* Helper to directly jump to a known parsed path from ->get_link,
* caller must have taken a reference to path beforehand.
*/
-void nd_jump_link(struct path *path)
+const char *nd_jump_link(struct path *path)
{
struct nameidata *nd = current->nameidata;
path_put(&nd->path);
@@ -867,6 +867,7 @@ void nd_jump_link(struct path *path)
nd->path = *path;
nd->inode = nd->path.dentry->d_inode;
nd->flags |= LOOKUP_JUMPED;
+ return NULL;
}
static inline void put_link(struct nameidata *nd)
diff --git a/fs/proc/base.c b/fs/proc/base.c
index ebea9501afb8..ac4e57a3dfa5 100644
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -1626,8 +1626,7 @@ static const char *proc_pid_get_link(struct dentry *dentry,
if (error)
goto out;
- nd_jump_link(&path);
- return NULL;
+ return nd_jump_link(&path);
out:
return ERR_PTR(error);
}
diff --git a/fs/proc/namespaces.c b/fs/proc/namespaces.c
index dd2b35f78b09..dde0c501b2f3 100644
--- a/fs/proc/namespaces.c
+++ b/fs/proc/namespaces.c
@@ -54,7 +54,7 @@ static const char *proc_ns_get_link(struct dentry *dentry,
if (ptrace_may_access(task, PTRACE_MODE_READ_FSCREDS)) {
error = ns_get_path(&ns_path, task, ns_ops);
if (!error)
- nd_jump_link(&ns_path);
+ error = nd_jump_link(&ns_path);
}
put_task_struct(task);
return error;
diff --git a/include/linux/namei.h b/include/linux/namei.h
index 397a08ade6a2..f3e8438e5631 100644
--- a/include/linux/namei.h
+++ b/include/linux/namei.h
@@ -68,7 +68,7 @@ extern int follow_up(struct path *);
extern struct dentry *lock_rename(struct dentry *, struct dentry *);
extern void unlock_rename(struct dentry *, struct dentry *);
-extern void nd_jump_link(struct path *path);
+extern const char *nd_jump_link(struct path *path);
static inline void nd_terminate_link(void *name, size_t len, size_t maxlen)
{
diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c
index 45d13b6462aa..98aef94b4777 100644
--- a/security/apparmor/apparmorfs.c
+++ b/security/apparmor/apparmorfs.c
@@ -2453,18 +2453,16 @@ static const char *policy_get_link(struct dentry *dentry,
struct inode *inode,
struct delayed_call *done)
{
- struct aa_ns *ns;
- struct path path;
-
- if (!dentry)
- return ERR_PTR(-ECHILD);
- ns = aa_get_current_ns();
- path.mnt = mntget(aafs_mnt);
- path.dentry = dget(ns_dir(ns));
- nd_jump_link(&path);
- aa_put_ns(ns);
-
- return NULL;
+ const char *err = ERR_PTR(-ECHILD);
+
+ if (dentry) {
+ struct aa_ns *ns = aa_get_current_ns();
+ struct path path = {.mnt = mntget(aafs_mnt),
+ .dentry = ns_dir(ns)};
+ err = nd_jump_link(&path);
+ aa_put_ns(ns);
+ }
+ return err;
}
static int policy_readlink(struct dentry *dentry, char __user *buffer,
WARNING: multiple messages have this Message-ID (diff)
From: Al Viro <viro@zeniv.linux.org.uk>
To: Aleksa Sarai <cyphar@cyphar.com>
Cc: Jeff Layton <jlayton@kernel.org>,
"J. Bruce Fields" <bfields@fieldses.org>,
Arnd Bergmann <arnd@arndb.de>,
David Howells <dhowells@redhat.com>,
Shuah Khan <shuah@kernel.org>,
Shuah Khan <skhan@linuxfoundation.org>,
Ingo Molnar <mingo@redhat.com>,
Peter Zijlstra <peterz@infradead.org>,
Christian Brauner <christian.brauner@ubuntu.com>,
David Drysdale <drysdale@google.com>,
Andy Lutomirski <luto@kernel.org>,
Linus Torvalds <torvalds@linux-foundation.org>,
Eric Biederman <ebiederm@xmission.com>,
Andrew Morton <akpm@linux-foundation.org>,
Alexei Starovoitov <ast@kernel.org>,
Kees Cook <keescook@chromium.org>, Jann Horn <jannh@google.com>,
Tycho Andersen <tycho@tycho.ws>, Chanho Min <chanho.min@lge.com>,
Oleg Nesterov <oleg@redhat.com>,
Ras
Subject: Re: [PATCH v15 3/9] namei: LOOKUP_NO_XDEV: block mountpoint crossing
Date: Wed, 13 Nov 2019 01:36:30 +0000 [thread overview]
Message-ID: <20191113013630.GZ26530@ZenIV.linux.org.uk> (raw)
In-Reply-To: <20191105090553.6350-4-cyphar@cyphar.com>
On Tue, Nov 05, 2019 at 08:05:47PM +1100, Aleksa Sarai wrote:
> @@ -862,6 +870,8 @@ static int nd_jump_root(struct nameidata *nd)
> void nd_jump_link(struct path *path)
> {
> struct nameidata *nd = current->nameidata;
> +
> + nd->last_magiclink.same_mnt = (nd->path.mnt = path->mnt);
> path_put(&nd->path);
>
> nd->path = *path;
> @@ -1082,6 +1092,10 @@ const char *get_link(struct nameidata *nd)
> if (nd->flags & LOOKUP_MAGICLINK_JUMPED) {
> if (unlikely(nd->flags & LOOKUP_NO_MAGICLINKS))
> return ERR_PTR(-ELOOP);
> + if (unlikely(nd->flags & LOOKUP_NO_XDEV)) {
> + if (!nd->last_magiclink.same_mnt)
> + return ERR_PTR(-EXDEV);
> + }
> }
Ugh... Wouldn't it be better to take that logics (some equivalent thereof)
into nd_jump_link()? Or just have nd_jump_link() return an error...
I mean, look at the callers of nd_jump_link().
static const char *policy_get_link(struct dentry *dentry,
struct inode *inode,
struct delayed_call *done)
{
struct aa_ns *ns;
struct path path;
if (!dentry)
return ERR_PTR(-ECHILD);
ns = aa_get_current_ns();
path.mnt = mntget(aafs_mnt);
path.dentry = dget(ns_dir(ns));
nd_jump_link(&path);
aa_put_ns(ns);
return NULL;
}
- very close to the end of ->get_link() instance.
static const char *proc_pid_get_link(struct dentry *dentry,
struct inode *inode,
struct delayed_call *done)
{
struct path path;
int error = -EACCES;
if (!dentry)
return ERR_PTR(-ECHILD);
/* Are we allowed to snoop on the tasks file descriptors? */
if (!proc_fd_access_allowed(inode))
goto out;
error = PROC_I(inode)->op.proc_get_link(dentry, &path);
if (error)
goto out;
nd_jump_link(&path);
return NULL;
out:
return ERR_PTR(error);
}
Ditto.
static const char *proc_ns_get_link(struct dentry *dentry,
struct inode *inode,
struct delayed_call *done)
{
const struct proc_ns_operations *ns_ops = PROC_I(inode)->ns_ops;
struct task_struct *task;
struct path ns_path;
void *error = ERR_PTR(-EACCES);
if (!dentry)
return ERR_PTR(-ECHILD);
task = get_proc_task(inode);
if (!task)
return error;
if (ptrace_may_access(task, PTRACE_MODE_READ_FSCREDS)) {
error = ns_get_path(&ns_path, task, ns_ops);
if (!error)
nd_jump_link(&ns_path);
}
put_task_struct(task);
return error;
}
The same. And that's it - there's no more of them. So how about
this in the beginning of the series, then having your magiclink
error handling done in nd_jump_link()?
diff --git a/fs/namei.c b/fs/namei.c
index 671c3c1a3425..8ec924813c30 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -859,7 +859,7 @@ static int nd_jump_root(struct nameidata *nd)
* Helper to directly jump to a known parsed path from ->get_link,
* caller must have taken a reference to path beforehand.
*/
-void nd_jump_link(struct path *path)
+const char *nd_jump_link(struct path *path)
{
struct nameidata *nd = current->nameidata;
path_put(&nd->path);
@@ -867,6 +867,7 @@ void nd_jump_link(struct path *path)
nd->path = *path;
nd->inode = nd->path.dentry->d_inode;
nd->flags |= LOOKUP_JUMPED;
+ return NULL;
}
static inline void put_link(struct nameidata *nd)
diff --git a/fs/proc/base.c b/fs/proc/base.c
index ebea9501afb8..ac4e57a3dfa5 100644
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -1626,8 +1626,7 @@ static const char *proc_pid_get_link(struct dentry *dentry,
if (error)
goto out;
- nd_jump_link(&path);
- return NULL;
+ return nd_jump_link(&path);
out:
return ERR_PTR(error);
}
diff --git a/fs/proc/namespaces.c b/fs/proc/namespaces.c
index dd2b35f78b09..dde0c501b2f3 100644
--- a/fs/proc/namespaces.c
+++ b/fs/proc/namespaces.c
@@ -54,7 +54,7 @@ static const char *proc_ns_get_link(struct dentry *dentry,
if (ptrace_may_access(task, PTRACE_MODE_READ_FSCREDS)) {
error = ns_get_path(&ns_path, task, ns_ops);
if (!error)
- nd_jump_link(&ns_path);
+ error = nd_jump_link(&ns_path);
}
put_task_struct(task);
return error;
diff --git a/include/linux/namei.h b/include/linux/namei.h
index 397a08ade6a2..f3e8438e5631 100644
--- a/include/linux/namei.h
+++ b/include/linux/namei.h
@@ -68,7 +68,7 @@ extern int follow_up(struct path *);
extern struct dentry *lock_rename(struct dentry *, struct dentry *);
extern void unlock_rename(struct dentry *, struct dentry *);
-extern void nd_jump_link(struct path *path);
+extern const char *nd_jump_link(struct path *path);
static inline void nd_terminate_link(void *name, size_t len, size_t maxlen)
{
diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c
index 45d13b6462aa..98aef94b4777 100644
--- a/security/apparmor/apparmorfs.c
+++ b/security/apparmor/apparmorfs.c
@@ -2453,18 +2453,16 @@ static const char *policy_get_link(struct dentry *dentry,
struct inode *inode,
struct delayed_call *done)
{
- struct aa_ns *ns;
- struct path path;
-
- if (!dentry)
- return ERR_PTR(-ECHILD);
- ns = aa_get_current_ns();
- path.mnt = mntget(aafs_mnt);
- path.dentry = dget(ns_dir(ns));
- nd_jump_link(&path);
- aa_put_ns(ns);
-
- return NULL;
+ const char *err = ERR_PTR(-ECHILD);
+
+ if (dentry) {
+ struct aa_ns *ns = aa_get_current_ns();
+ struct path path = {.mnt = mntget(aafs_mnt),
+ .dentry = ns_dir(ns)};
+ err = nd_jump_link(&path);
+ aa_put_ns(ns);
+ }
+ return err;
}
static int policy_readlink(struct dentry *dentry, char __user *buffer,
WARNING: multiple messages have this Message-ID (diff)
From: Al Viro <viro@zeniv.linux.org.uk>
To: Aleksa Sarai <cyphar@cyphar.com>
Cc: linux-ia64@vger.kernel.org, linux-sh@vger.kernel.org,
Peter Zijlstra <peterz@infradead.org>,
Rasmus Villemoes <linux@rasmusvillemoes.dk>,
Alexei Starovoitov <ast@kernel.org>,
linux-kernel@vger.kernel.org, David Howells <dhowells@redhat.com>,
linux-kselftest@vger.kernel.org, sparclinux@vger.kernel.org,
Christian Brauner <christian.brauner@ubuntu.com>,
Shuah Khan <shuah@kernel.org>,
linux-arch@vger.kernel.org, linux-s390@vger.kernel.org,
Tycho Andersen <tycho@tycho.ws>, Aleksa Sarai <asarai@suse.de>,
Jiri Olsa <jolsa@redhat.com>,
Alexander Shishkin <alexander.shishkin@linux.intel.com>,
Ingo Molnar <mingo@redhat.com>,
linux-arm-kernel@lists.infradead.org, linux-mips@vger.kernel.org,
linux-xtensa@linux-xtensa.org, Kees Cook <keescook@chromium.org>,
Arnd Bergmann <arnd@arndb.de>, Jann Horn <jannh@google.com>,
linuxppc-dev@lists.ozlabs.org, linux-m68k@lists.linux-m68k.org,
Andy Lutomirski <luto@kernel.org>,
Shuah Khan <skhan@linuxfoundation.org>,
Namhyung Kim <namhyung@kernel.org>,
David Drysdale <drysdale@google.com>,
Christian Brauner <christian@brauner.io>,
"J. Bruce Fields" <bfields@fieldses.org>,
libc-alpha@sourceware.org, linux-parisc@vger.kernel.org,
linux-api@vger.kernel.org, Chanho Min <chanho.min@lge.com>,
Jeff Layton <jlayton@kernel.org>, Oleg Nesterov <oleg@redhat.com>,
Eric Biederman <ebiederm@xmission.com>,
linux-alpha@vger.kernel.org, linux-fsdevel@vger.kernel.org,
Andrew Morton <akpm@linux-foundation.org>,
Linus Torvalds <torvalds@linux-foundation.org>,
containers@lists.linux-foundation.org
Subject: Re: [PATCH v15 3/9] namei: LOOKUP_NO_XDEV: block mountpoint crossing
Date: Wed, 13 Nov 2019 01:36:30 +0000 [thread overview]
Message-ID: <20191113013630.GZ26530@ZenIV.linux.org.uk> (raw)
In-Reply-To: <20191105090553.6350-4-cyphar@cyphar.com>
On Tue, Nov 05, 2019 at 08:05:47PM +1100, Aleksa Sarai wrote:
> @@ -862,6 +870,8 @@ static int nd_jump_root(struct nameidata *nd)
> void nd_jump_link(struct path *path)
> {
> struct nameidata *nd = current->nameidata;
> +
> + nd->last_magiclink.same_mnt = (nd->path.mnt == path->mnt);
> path_put(&nd->path);
>
> nd->path = *path;
> @@ -1082,6 +1092,10 @@ const char *get_link(struct nameidata *nd)
> if (nd->flags & LOOKUP_MAGICLINK_JUMPED) {
> if (unlikely(nd->flags & LOOKUP_NO_MAGICLINKS))
> return ERR_PTR(-ELOOP);
> + if (unlikely(nd->flags & LOOKUP_NO_XDEV)) {
> + if (!nd->last_magiclink.same_mnt)
> + return ERR_PTR(-EXDEV);
> + }
> }
Ugh... Wouldn't it be better to take that logics (some equivalent thereof)
into nd_jump_link()? Or just have nd_jump_link() return an error...
I mean, look at the callers of nd_jump_link().
static const char *policy_get_link(struct dentry *dentry,
struct inode *inode,
struct delayed_call *done)
{
struct aa_ns *ns;
struct path path;
if (!dentry)
return ERR_PTR(-ECHILD);
ns = aa_get_current_ns();
path.mnt = mntget(aafs_mnt);
path.dentry = dget(ns_dir(ns));
nd_jump_link(&path);
aa_put_ns(ns);
return NULL;
}
- very close to the end of ->get_link() instance.
static const char *proc_pid_get_link(struct dentry *dentry,
struct inode *inode,
struct delayed_call *done)
{
struct path path;
int error = -EACCES;
if (!dentry)
return ERR_PTR(-ECHILD);
/* Are we allowed to snoop on the tasks file descriptors? */
if (!proc_fd_access_allowed(inode))
goto out;
error = PROC_I(inode)->op.proc_get_link(dentry, &path);
if (error)
goto out;
nd_jump_link(&path);
return NULL;
out:
return ERR_PTR(error);
}
Ditto.
static const char *proc_ns_get_link(struct dentry *dentry,
struct inode *inode,
struct delayed_call *done)
{
const struct proc_ns_operations *ns_ops = PROC_I(inode)->ns_ops;
struct task_struct *task;
struct path ns_path;
void *error = ERR_PTR(-EACCES);
if (!dentry)
return ERR_PTR(-ECHILD);
task = get_proc_task(inode);
if (!task)
return error;
if (ptrace_may_access(task, PTRACE_MODE_READ_FSCREDS)) {
error = ns_get_path(&ns_path, task, ns_ops);
if (!error)
nd_jump_link(&ns_path);
}
put_task_struct(task);
return error;
}
The same. And that's it - there's no more of them. So how about
this in the beginning of the series, then having your magiclink
error handling done in nd_jump_link()?
diff --git a/fs/namei.c b/fs/namei.c
index 671c3c1a3425..8ec924813c30 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -859,7 +859,7 @@ static int nd_jump_root(struct nameidata *nd)
* Helper to directly jump to a known parsed path from ->get_link,
* caller must have taken a reference to path beforehand.
*/
-void nd_jump_link(struct path *path)
+const char *nd_jump_link(struct path *path)
{
struct nameidata *nd = current->nameidata;
path_put(&nd->path);
@@ -867,6 +867,7 @@ void nd_jump_link(struct path *path)
nd->path = *path;
nd->inode = nd->path.dentry->d_inode;
nd->flags |= LOOKUP_JUMPED;
+ return NULL;
}
static inline void put_link(struct nameidata *nd)
diff --git a/fs/proc/base.c b/fs/proc/base.c
index ebea9501afb8..ac4e57a3dfa5 100644
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -1626,8 +1626,7 @@ static const char *proc_pid_get_link(struct dentry *dentry,
if (error)
goto out;
- nd_jump_link(&path);
- return NULL;
+ return nd_jump_link(&path);
out:
return ERR_PTR(error);
}
diff --git a/fs/proc/namespaces.c b/fs/proc/namespaces.c
index dd2b35f78b09..dde0c501b2f3 100644
--- a/fs/proc/namespaces.c
+++ b/fs/proc/namespaces.c
@@ -54,7 +54,7 @@ static const char *proc_ns_get_link(struct dentry *dentry,
if (ptrace_may_access(task, PTRACE_MODE_READ_FSCREDS)) {
error = ns_get_path(&ns_path, task, ns_ops);
if (!error)
- nd_jump_link(&ns_path);
+ error = nd_jump_link(&ns_path);
}
put_task_struct(task);
return error;
diff --git a/include/linux/namei.h b/include/linux/namei.h
index 397a08ade6a2..f3e8438e5631 100644
--- a/include/linux/namei.h
+++ b/include/linux/namei.h
@@ -68,7 +68,7 @@ extern int follow_up(struct path *);
extern struct dentry *lock_rename(struct dentry *, struct dentry *);
extern void unlock_rename(struct dentry *, struct dentry *);
-extern void nd_jump_link(struct path *path);
+extern const char *nd_jump_link(struct path *path);
static inline void nd_terminate_link(void *name, size_t len, size_t maxlen)
{
diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c
index 45d13b6462aa..98aef94b4777 100644
--- a/security/apparmor/apparmorfs.c
+++ b/security/apparmor/apparmorfs.c
@@ -2453,18 +2453,16 @@ static const char *policy_get_link(struct dentry *dentry,
struct inode *inode,
struct delayed_call *done)
{
- struct aa_ns *ns;
- struct path path;
-
- if (!dentry)
- return ERR_PTR(-ECHILD);
- ns = aa_get_current_ns();
- path.mnt = mntget(aafs_mnt);
- path.dentry = dget(ns_dir(ns));
- nd_jump_link(&path);
- aa_put_ns(ns);
-
- return NULL;
+ const char *err = ERR_PTR(-ECHILD);
+
+ if (dentry) {
+ struct aa_ns *ns = aa_get_current_ns();
+ struct path path = {.mnt = mntget(aafs_mnt),
+ .dentry = ns_dir(ns)};
+ err = nd_jump_link(&path);
+ aa_put_ns(ns);
+ }
+ return err;
}
static int policy_readlink(struct dentry *dentry, char __user *buffer,
WARNING: multiple messages have this Message-ID (diff)
From: Al Viro <viro@zeniv.linux.org.uk>
To: Aleksa Sarai <cyphar@cyphar.com>
Cc: linux-ia64@vger.kernel.org, linux-sh@vger.kernel.org,
Peter Zijlstra <peterz@infradead.org>,
Rasmus Villemoes <linux@rasmusvillemoes.dk>,
Alexei Starovoitov <ast@kernel.org>,
linux-kernel@vger.kernel.org, David Howells <dhowells@redhat.com>,
linux-kselftest@vger.kernel.org, sparclinux@vger.kernel.org,
Christian Brauner <christian.brauner@ubuntu.com>,
Shuah Khan <shuah@kernel.org>,
linux-arch@vger.kernel.org, linux-s390@vger.kernel.org,
Tycho Andersen <tycho@tycho.ws>, Aleksa Sarai <asarai@suse.de>,
Jiri Olsa <jolsa@redhat.com>,
Alexander Shishkin <alexander.shishkin@linux.intel.com>,
Ingo Molnar <mingo@redhat.com>,
linux-arm-kernel@lists.infradead.org, linux-mips@vger.kernel.org,
linux-xtensa@linux-xtensa.org, Kees Cook <keescook@chromium.org>,
Arnd Bergmann <arnd@arndb.de>, Jann Horn <jannh@google.com>,
linuxppc-dev@lists.ozlabs.org, linux-m68k@lists.linux-m68k.org,
Andy Lutomirski <luto@kernel.org>,
Shuah Khan <skhan@linuxfoundation.org>,
Namhyung Kim <namhyung@kernel.org>,
David Drysdale <drysdale@google.com>,
Christian Brauner <christian@brauner.io>,
"J. Bruce Fields" <bfields@fieldses.org>,
libc-alpha@sourceware.org, linux-parisc@vger.kernel.org,
linux-api@vger.kernel.org, Chanho Min <chanho.min@lge.com>,
Jeff Layton <jlayton@kernel.org>, Oleg Nesterov <oleg@redhat.com>,
Eric Biederman <ebiederm@xmission.com>,
linux-alpha@vger.kernel.org, linux-fsdevel@vger.kernel.org,
Andrew Morton <akpm@linux-foundation.org>,
Linus Torvalds <torvalds@linux-foundation.org>,
containers@lists.linux-foundation.org
Subject: Re: [PATCH v15 3/9] namei: LOOKUP_NO_XDEV: block mountpoint crossing
Date: Wed, 13 Nov 2019 01:36:30 +0000 [thread overview]
Message-ID: <20191113013630.GZ26530@ZenIV.linux.org.uk> (raw)
In-Reply-To: <20191105090553.6350-4-cyphar@cyphar.com>
On Tue, Nov 05, 2019 at 08:05:47PM +1100, Aleksa Sarai wrote:
> @@ -862,6 +870,8 @@ static int nd_jump_root(struct nameidata *nd)
> void nd_jump_link(struct path *path)
> {
> struct nameidata *nd = current->nameidata;
> +
> + nd->last_magiclink.same_mnt = (nd->path.mnt == path->mnt);
> path_put(&nd->path);
>
> nd->path = *path;
> @@ -1082,6 +1092,10 @@ const char *get_link(struct nameidata *nd)
> if (nd->flags & LOOKUP_MAGICLINK_JUMPED) {
> if (unlikely(nd->flags & LOOKUP_NO_MAGICLINKS))
> return ERR_PTR(-ELOOP);
> + if (unlikely(nd->flags & LOOKUP_NO_XDEV)) {
> + if (!nd->last_magiclink.same_mnt)
> + return ERR_PTR(-EXDEV);
> + }
> }
Ugh... Wouldn't it be better to take that logics (some equivalent thereof)
into nd_jump_link()? Or just have nd_jump_link() return an error...
I mean, look at the callers of nd_jump_link().
static const char *policy_get_link(struct dentry *dentry,
struct inode *inode,
struct delayed_call *done)
{
struct aa_ns *ns;
struct path path;
if (!dentry)
return ERR_PTR(-ECHILD);
ns = aa_get_current_ns();
path.mnt = mntget(aafs_mnt);
path.dentry = dget(ns_dir(ns));
nd_jump_link(&path);
aa_put_ns(ns);
return NULL;
}
- very close to the end of ->get_link() instance.
static const char *proc_pid_get_link(struct dentry *dentry,
struct inode *inode,
struct delayed_call *done)
{
struct path path;
int error = -EACCES;
if (!dentry)
return ERR_PTR(-ECHILD);
/* Are we allowed to snoop on the tasks file descriptors? */
if (!proc_fd_access_allowed(inode))
goto out;
error = PROC_I(inode)->op.proc_get_link(dentry, &path);
if (error)
goto out;
nd_jump_link(&path);
return NULL;
out:
return ERR_PTR(error);
}
Ditto.
static const char *proc_ns_get_link(struct dentry *dentry,
struct inode *inode,
struct delayed_call *done)
{
const struct proc_ns_operations *ns_ops = PROC_I(inode)->ns_ops;
struct task_struct *task;
struct path ns_path;
void *error = ERR_PTR(-EACCES);
if (!dentry)
return ERR_PTR(-ECHILD);
task = get_proc_task(inode);
if (!task)
return error;
if (ptrace_may_access(task, PTRACE_MODE_READ_FSCREDS)) {
error = ns_get_path(&ns_path, task, ns_ops);
if (!error)
nd_jump_link(&ns_path);
}
put_task_struct(task);
return error;
}
The same. And that's it - there's no more of them. So how about
this in the beginning of the series, then having your magiclink
error handling done in nd_jump_link()?
diff --git a/fs/namei.c b/fs/namei.c
index 671c3c1a3425..8ec924813c30 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -859,7 +859,7 @@ static int nd_jump_root(struct nameidata *nd)
* Helper to directly jump to a known parsed path from ->get_link,
* caller must have taken a reference to path beforehand.
*/
-void nd_jump_link(struct path *path)
+const char *nd_jump_link(struct path *path)
{
struct nameidata *nd = current->nameidata;
path_put(&nd->path);
@@ -867,6 +867,7 @@ void nd_jump_link(struct path *path)
nd->path = *path;
nd->inode = nd->path.dentry->d_inode;
nd->flags |= LOOKUP_JUMPED;
+ return NULL;
}
static inline void put_link(struct nameidata *nd)
diff --git a/fs/proc/base.c b/fs/proc/base.c
index ebea9501afb8..ac4e57a3dfa5 100644
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -1626,8 +1626,7 @@ static const char *proc_pid_get_link(struct dentry *dentry,
if (error)
goto out;
- nd_jump_link(&path);
- return NULL;
+ return nd_jump_link(&path);
out:
return ERR_PTR(error);
}
diff --git a/fs/proc/namespaces.c b/fs/proc/namespaces.c
index dd2b35f78b09..dde0c501b2f3 100644
--- a/fs/proc/namespaces.c
+++ b/fs/proc/namespaces.c
@@ -54,7 +54,7 @@ static const char *proc_ns_get_link(struct dentry *dentry,
if (ptrace_may_access(task, PTRACE_MODE_READ_FSCREDS)) {
error = ns_get_path(&ns_path, task, ns_ops);
if (!error)
- nd_jump_link(&ns_path);
+ error = nd_jump_link(&ns_path);
}
put_task_struct(task);
return error;
diff --git a/include/linux/namei.h b/include/linux/namei.h
index 397a08ade6a2..f3e8438e5631 100644
--- a/include/linux/namei.h
+++ b/include/linux/namei.h
@@ -68,7 +68,7 @@ extern int follow_up(struct path *);
extern struct dentry *lock_rename(struct dentry *, struct dentry *);
extern void unlock_rename(struct dentry *, struct dentry *);
-extern void nd_jump_link(struct path *path);
+extern const char *nd_jump_link(struct path *path);
static inline void nd_terminate_link(void *name, size_t len, size_t maxlen)
{
diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c
index 45d13b6462aa..98aef94b4777 100644
--- a/security/apparmor/apparmorfs.c
+++ b/security/apparmor/apparmorfs.c
@@ -2453,18 +2453,16 @@ static const char *policy_get_link(struct dentry *dentry,
struct inode *inode,
struct delayed_call *done)
{
- struct aa_ns *ns;
- struct path path;
-
- if (!dentry)
- return ERR_PTR(-ECHILD);
- ns = aa_get_current_ns();
- path.mnt = mntget(aafs_mnt);
- path.dentry = dget(ns_dir(ns));
- nd_jump_link(&path);
- aa_put_ns(ns);
-
- return NULL;
+ const char *err = ERR_PTR(-ECHILD);
+
+ if (dentry) {
+ struct aa_ns *ns = aa_get_current_ns();
+ struct path path = {.mnt = mntget(aafs_mnt),
+ .dentry = ns_dir(ns)};
+ err = nd_jump_link(&path);
+ aa_put_ns(ns);
+ }
+ return err;
}
static int policy_readlink(struct dentry *dentry, char __user *buffer,
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2019-11-13 1:36 UTC|newest]
Thread overview: 151+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-11-05 9:05 [PATCH v15 0/9] open: introduce openat2(2) syscall Aleksa Sarai
2019-11-05 9:05 ` Aleksa Sarai
2019-11-05 9:05 ` Aleksa Sarai
2019-11-05 9:05 ` Aleksa Sarai
2019-11-05 9:05 ` Aleksa Sarai
2019-11-05 9:05 ` Aleksa Sarai
2019-11-05 9:05 ` [PATCH v15 1/9] namei: LOOKUP_NO_SYMLINKS: block symlink resolution Aleksa Sarai
2019-11-05 9:05 ` Aleksa Sarai
2019-11-05 9:05 ` Aleksa Sarai
2019-11-05 9:05 ` Aleksa Sarai
2019-11-05 9:05 ` Aleksa Sarai
2019-11-05 9:05 ` [PATCH v15 2/9] namei: LOOKUP_NO_MAGICLINKS: block magic-link resolution Aleksa Sarai
2019-11-05 9:05 ` Aleksa Sarai
2019-11-05 9:05 ` Aleksa Sarai
2019-11-05 9:05 ` Aleksa Sarai
2019-11-05 9:05 ` Aleksa Sarai
2019-11-13 1:24 ` Al Viro
2019-11-13 1:24 ` Al Viro
2019-11-13 1:24 ` Al Viro
2019-11-13 1:24 ` Al Viro
2019-11-05 9:05 ` [PATCH v15 3/9] namei: LOOKUP_NO_XDEV: block mountpoint crossing Aleksa Sarai
2019-11-05 9:05 ` Aleksa Sarai
2019-11-05 9:05 ` Aleksa Sarai
2019-11-05 9:05 ` Aleksa Sarai
2019-11-05 9:05 ` Aleksa Sarai
2019-11-13 1:36 ` Al Viro [this message]
2019-11-13 1:36 ` Al Viro
2019-11-13 1:36 ` Al Viro
2019-11-13 1:36 ` Al Viro
2019-11-13 1:36 ` Al Viro
2019-11-14 4:49 ` Aleksa Sarai
2019-11-14 4:49 ` Aleksa Sarai
2019-11-14 4:49 ` Aleksa Sarai
2019-11-14 4:49 ` Aleksa Sarai
2019-11-14 4:49 ` Aleksa Sarai
2019-11-14 5:43 ` Al Viro
2019-11-14 5:43 ` Al Viro
2019-11-14 5:43 ` Al Viro
2019-11-14 5:43 ` Al Viro
2019-11-14 5:43 ` Al Viro
2019-11-14 13:33 ` Aleksa Sarai
2019-11-14 13:33 ` Aleksa Sarai
2019-11-14 13:33 ` Aleksa Sarai
2019-11-14 13:33 ` Aleksa Sarai
2019-11-14 13:33 ` Aleksa Sarai
2019-11-05 9:05 ` [PATCH v15 4/9] namei: LOOKUP_BENEATH: O_BENEATH-like scoped resolution Aleksa Sarai
2019-11-05 9:05 ` Aleksa Sarai
2019-11-05 9:05 ` Aleksa Sarai
2019-11-05 9:05 ` Aleksa Sarai
2019-11-05 9:05 ` Aleksa Sarai
2019-11-13 1:55 ` Al Viro
2019-11-13 1:55 ` Al Viro
2019-11-13 1:55 ` Al Viro
2019-11-13 1:55 ` Al Viro
2019-11-13 1:55 ` Al Viro
2019-11-13 7:47 ` Aleksa Sarai
2019-11-13 7:47 ` Aleksa Sarai
2019-11-13 7:47 ` Aleksa Sarai
2019-11-13 7:47 ` Aleksa Sarai
2019-11-13 7:47 ` Aleksa Sarai
2019-11-14 4:57 ` Aleksa Sarai
2019-11-14 4:57 ` Aleksa Sarai
2019-11-14 4:57 ` Aleksa Sarai
2019-11-14 4:57 ` Aleksa Sarai
2019-11-14 4:57 ` Aleksa Sarai
2019-11-05 9:05 ` [PATCH v15 5/9] namei: LOOKUP_IN_ROOT: chroot-like " Aleksa Sarai
2019-11-05 9:05 ` Aleksa Sarai
2019-11-05 9:05 ` Aleksa Sarai
2019-11-05 9:05 ` Aleksa Sarai
2019-11-05 9:05 ` Aleksa Sarai
2019-11-13 2:03 ` Al Viro
2019-11-13 2:03 ` Al Viro
2019-11-13 2:03 ` Al Viro
2019-11-13 2:03 ` Al Viro
2019-11-13 2:03 ` Al Viro
2019-11-13 2:44 ` Aleksa Sarai
2019-11-13 2:44 ` Aleksa Sarai
2019-11-13 2:44 ` Aleksa Sarai
2019-11-13 2:44 ` Aleksa Sarai
2019-11-13 2:44 ` Aleksa Sarai
2019-11-13 2:59 ` Al Viro
2019-11-13 2:59 ` Al Viro
2019-11-13 2:59 ` Al Viro
2019-11-13 2:59 ` Al Viro
2019-11-13 2:59 ` Al Viro
2019-11-13 3:55 ` Aleksa Sarai
2019-11-13 3:55 ` Aleksa Sarai
2019-11-13 3:55 ` Aleksa Sarai
2019-11-13 3:55 ` Aleksa Sarai
2019-11-13 3:55 ` Aleksa Sarai
2019-11-05 9:05 ` [PATCH v15 6/9] namei: LOOKUP_{IN_ROOT,BENEATH}: permit limited ".." resolution Aleksa Sarai
2019-11-05 9:05 ` [PATCH v15 6/9] namei: LOOKUP_{IN_ROOT, BENEATH}: " Aleksa Sarai
2019-11-05 9:05 ` Aleksa Sarai
2019-11-05 9:05 ` [PATCH v15 6/9] namei: LOOKUP_{IN_ROOT,BENEATH}: " Aleksa Sarai
2019-11-05 9:05 ` Aleksa Sarai
2019-11-13 2:09 ` Al Viro
2019-11-13 2:09 ` Al Viro
2019-11-13 2:09 ` Al Viro
2019-11-13 2:09 ` Al Viro
2019-11-13 7:52 ` Aleksa Sarai
2019-11-13 7:52 ` Aleksa Sarai
2019-11-13 7:52 ` Aleksa Sarai
2019-11-13 7:52 ` Aleksa Sarai
2019-11-13 7:52 ` Aleksa Sarai
2019-11-05 9:05 ` [PATCH v15 7/9] open: introduce openat2(2) syscall Aleksa Sarai
2019-11-05 9:05 ` Aleksa Sarai
2019-11-05 9:05 ` Aleksa Sarai
2019-11-05 9:05 ` Aleksa Sarai
2019-11-05 9:05 ` Aleksa Sarai
2019-11-05 9:05 ` Aleksa Sarai
2019-11-13 2:29 ` Al Viro
2019-11-13 2:29 ` Al Viro
2019-11-13 2:29 ` Al Viro
2019-11-13 2:29 ` Al Viro
2019-11-13 2:35 ` Aleksa Sarai
2019-11-13 2:35 ` Aleksa Sarai
2019-11-13 2:35 ` Aleksa Sarai
2019-11-13 2:35 ` Aleksa Sarai
2019-11-13 2:35 ` Aleksa Sarai
2019-11-05 9:05 ` [PATCH v15 8/9] selftests: add openat2(2) selftests Aleksa Sarai
2019-11-05 9:05 ` Aleksa Sarai
2019-11-05 9:05 ` Aleksa Sarai
2019-11-05 9:05 ` Aleksa Sarai
2019-11-05 9:05 ` Aleksa Sarai
2019-11-05 9:05 ` Aleksa Sarai
2019-11-05 9:05 ` [PATCH v15 9/9] Documentation: path-lookup: mention LOOKUP_MAGICLINK_JUMPED Aleksa Sarai
2019-11-05 9:05 ` Aleksa Sarai
2019-11-05 9:05 ` Aleksa Sarai
2019-11-05 9:05 ` Aleksa Sarai
2019-11-05 9:05 ` Aleksa Sarai
2019-11-05 9:05 ` Aleksa Sarai
2019-11-11 13:24 ` [PATCH v15 0/9] open: introduce openat2(2) syscall Aleksa Sarai
2019-11-11 13:24 ` Aleksa Sarai
2019-11-11 13:24 ` Aleksa Sarai
2019-11-11 13:24 ` Aleksa Sarai
2019-11-11 13:24 ` Aleksa Sarai
2019-11-12 23:01 ` Kees Cook
2019-11-12 23:01 ` Kees Cook
2019-11-12 23:01 ` Kees Cook
2019-11-12 23:01 ` Kees Cook
2019-11-12 23:01 ` Kees Cook
2019-11-12 23:06 ` Christian Brauner
2019-11-12 23:06 ` Christian Brauner
2019-11-12 23:06 ` Christian Brauner
2019-11-12 23:06 ` Christian Brauner
2019-11-12 23:06 ` Christian Brauner
2019-11-13 0:46 ` Aleksa Sarai
2019-11-13 0:46 ` Aleksa Sarai
2019-11-13 0:46 ` Aleksa Sarai
2019-11-13 0:46 ` Aleksa Sarai
2019-11-13 0:46 ` Aleksa Sarai
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191113013630.GZ26530@ZenIV.linux.org.uk \
--to=viro@zeniv.linux.org.uk \
--cc=akpm@linux-foundation.org \
--cc=arnd@arndb.de \
--cc=ast@kernel.org \
--cc=bfields@fieldses.org \
--cc=chanho.min@lge.com \
--cc=christian.brauner@ubuntu.com \
--cc=cyphar@cyphar.com \
--cc=dhowells@redhat.com \
--cc=drysdale@google.com \
--cc=ebiederm@xmission.com \
--cc=jannh@google.com \
--cc=jlayton@kernel.org \
--cc=keescook@chromium.org \
--cc=luto@kernel.org \
--cc=mingo@redhat.com \
--cc=oleg@redhat.com \
--cc=peterz@infradead.org \
--cc=shuah@kernel.org \
--cc=skhan@linuxfoundation.org \
--cc=torvalds@linux-foundation.org \
--cc=tycho@tycho.ws \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.