From: "Serge E. Hallyn" <serge@hallyn.com>
To: Christian Brauner <christian.brauner@ubuntu.com>
Cc: "Jens Axboe" <axboe@kernel.dk>,
"Greg Kroah-Hartman" <gregkh@linuxfoundation.org>,
linux-kernel@vger.kernel.org, linux-block@vger.kernel.org,
linux-api@vger.kernel.org, "Jonathan Corbet" <corbet@lwn.net>,
"Serge Hallyn" <serge@hallyn.com>,
"Rafael J. Wysocki" <rafael@kernel.org>,
"Tejun Heo" <tj@kernel.org>,
"David S. Miller" <davem@davemloft.net>,
"Saravana Kannan" <saravanak@google.com>,
"Jan Kara" <jack@suse.cz>, "David Howells" <dhowells@redhat.com>,
"Seth Forshee" <seth.forshee@canonical.com>,
"David Rheinsberg" <david.rheinsberg@gmail.com>,
"Tom Gundersen" <teg@jklm.no>,
"Christian Kellner" <ckellner@redhat.com>,
"Dmitry Vyukov" <dvyukov@google.com>,
"Stéphane Graber" <stgraber@ubuntu.com>,
linux-doc@vger.kernel.org, netdev@vger.kernel.org,
"Steve Barber" <smbarber@google.com>,
"Dylan Reid" <dgreid@google.com>,
"Filipe Brandenburger" <filbranden@gmail.com>,
"Kees Cook" <keescook@chromium.org>,
"Benjamin Elder" <bentheelder@google.com>,
"Akihiro Suda" <suda.kyoto@gmail.com>
Subject: Re: [PATCH v2 3/7] loop: use ns_capable for some loop operations
Date: Wed, 22 Apr 2020 15:50:51 -0500 [thread overview]
Message-ID: <20200422205051.GA31944@mail.hallyn.com> (raw)
In-Reply-To: <20200422145437.176057-4-christian.brauner@ubuntu.com>
On Wed, Apr 22, 2020 at 04:54:33PM +0200, Christian Brauner wrote:
> The following LOOP_GET_STATUS, LOOP_SET_STATUS, and LOOP_SET_BLOCK_SIZE
> operations are now allowed in non-initial namespaces. Most other
> operations were already possible before.
>
> Cc: Jens Axboe <axboe@kernel.dk>
> Cc: Seth Forshee <seth.forshee@canonical.com>
> Cc: Tom Gundersen <teg@jklm.no>
> Cc: Tejun Heo <tj@kernel.org>
> Cc: Christian Kellner <ckellner@redhat.com>
> Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
> Cc: "David S. Miller" <davem@davemloft.net>
> Cc: David Rheinsberg <david.rheinsberg@gmail.com>
> Cc: Dmitry Vyukov <dvyukov@google.com>
> Cc: "Rafael J. Wysocki" <rafael@kernel.org>
> Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Reviewed-by: Serge Hallyn <serge@hallyn.com>
> ---
> /* v2 */
> - Christian Brauner <christian.brauner@ubuntu.com>:
> - Adapated loop_capable() based on changes in the loopfs
> implementation patchset. Otherwise it is functionally equivalent to
> the v1 version.
> ---
> drivers/block/loop.c | 20 +++++++++++++++-----
> 1 file changed, 15 insertions(+), 5 deletions(-)
>
> diff --git a/drivers/block/loop.c b/drivers/block/loop.c
> index 52f7583dd17d..8e21d4b33e01 100644
> --- a/drivers/block/loop.c
> +++ b/drivers/block/loop.c
> @@ -1352,6 +1352,16 @@ void loopfs_evict_locked(struct loop_device *lo)
> }
> mutex_unlock(&loop_ctl_mutex);
> }
> +
> +static bool loop_capable(const struct loop_device *lo, int cap)
> +{
> + return ns_capable(loopfs_ns(lo), cap);
> +}
> +#else /* !CONFIG_BLK_DEV_LOOPFS */
> +static inline bool loop_capable(const struct loop_device *lo, int cap)
> +{
> + return capable(cap);
> +}
> #endif /* CONFIG_BLK_DEV_LOOPFS */
>
> static int
> @@ -1368,7 +1378,7 @@ loop_set_status(struct loop_device *lo, const struct loop_info64 *info)
> return err;
> if (lo->lo_encrypt_key_size &&
> !uid_eq(lo->lo_key_owner, uid) &&
> - !capable(CAP_SYS_ADMIN)) {
> + !loop_capable(lo, CAP_SYS_ADMIN)) {
> err = -EPERM;
> goto out_unlock;
> }
> @@ -1499,7 +1509,7 @@ loop_get_status(struct loop_device *lo, struct loop_info64 *info)
> memcpy(info->lo_crypt_name, lo->lo_crypt_name, LO_NAME_SIZE);
> info->lo_encrypt_type =
> lo->lo_encryption ? lo->lo_encryption->number : 0;
> - if (lo->lo_encrypt_key_size && capable(CAP_SYS_ADMIN)) {
> + if (lo->lo_encrypt_key_size && loop_capable(lo, CAP_SYS_ADMIN)) {
> info->lo_encrypt_key_size = lo->lo_encrypt_key_size;
> memcpy(info->lo_encrypt_key, lo->lo_encrypt_key,
> lo->lo_encrypt_key_size);
> @@ -1723,7 +1733,7 @@ static int lo_ioctl(struct block_device *bdev, fmode_t mode,
> return loop_clr_fd(lo);
> case LOOP_SET_STATUS:
> err = -EPERM;
> - if ((mode & FMODE_WRITE) || capable(CAP_SYS_ADMIN)) {
> + if ((mode & FMODE_WRITE) || loop_capable(lo, CAP_SYS_ADMIN)) {
> err = loop_set_status_old(lo,
> (struct loop_info __user *)arg);
> }
> @@ -1732,7 +1742,7 @@ static int lo_ioctl(struct block_device *bdev, fmode_t mode,
> return loop_get_status_old(lo, (struct loop_info __user *) arg);
> case LOOP_SET_STATUS64:
> err = -EPERM;
> - if ((mode & FMODE_WRITE) || capable(CAP_SYS_ADMIN)) {
> + if ((mode & FMODE_WRITE) || loop_capable(lo, CAP_SYS_ADMIN)) {
> err = loop_set_status64(lo,
> (struct loop_info64 __user *) arg);
> }
> @@ -1742,7 +1752,7 @@ static int lo_ioctl(struct block_device *bdev, fmode_t mode,
> case LOOP_SET_CAPACITY:
> case LOOP_SET_DIRECT_IO:
> case LOOP_SET_BLOCK_SIZE:
> - if (!(mode & FMODE_WRITE) && !capable(CAP_SYS_ADMIN))
> + if (!(mode & FMODE_WRITE) && !loop_capable(lo, CAP_SYS_ADMIN))
> return -EPERM;
> /* Fall through */
> default:
> --
> 2.26.1
next prev parent reply other threads:[~2020-04-22 20:57 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-04-22 14:54 [PATCH v2 0/7] loopfs Christian Brauner
2020-04-22 14:54 ` [PATCH v2 1/7] kobject_uevent: remove unneeded netlink_ns check Christian Brauner
2020-04-22 16:34 ` Greg Kroah-Hartman
2020-04-22 14:54 ` [PATCH v2 2/7] loopfs: implement loopfs Christian Brauner
2020-04-22 21:52 ` Serge E. Hallyn
2020-04-23 11:24 ` Christian Brauner
2020-04-23 16:17 ` Serge E. Hallyn
2020-04-23 16:29 ` Christian Brauner
2020-04-22 14:54 ` [PATCH v2 3/7] loop: use ns_capable for some loop operations Christian Brauner
2020-04-22 20:50 ` Serge E. Hallyn [this message]
2020-04-22 14:54 ` [PATCH v2 4/7] kernfs: handle multiple namespace tags Christian Brauner
2020-04-22 22:01 ` Serge E. Hallyn
2020-04-22 14:54 ` [PATCH v2 5/7] loop: preserve sysfs backwards compatibility Christian Brauner
2020-04-23 1:17 ` Serge E. Hallyn
2020-04-23 11:15 ` Christian Brauner
2020-04-23 16:13 ` Serge E. Hallyn
2020-04-22 14:54 ` [PATCH v2 6/7] loopfs: start attaching correct namespace during loop_add() Christian Brauner
2020-04-23 1:36 ` Serge E. Hallyn
2020-04-22 14:54 ` [PATCH v2 7/7] loopfs: only show devices in their correct instance Christian Brauner
2020-04-23 1:37 ` Serge E. Hallyn
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200422205051.GA31944@mail.hallyn.com \
--to=serge@hallyn.com \
--cc=axboe@kernel.dk \
--cc=bentheelder@google.com \
--cc=christian.brauner@ubuntu.com \
--cc=ckellner@redhat.com \
--cc=corbet@lwn.net \
--cc=davem@davemloft.net \
--cc=david.rheinsberg@gmail.com \
--cc=dgreid@google.com \
--cc=dhowells@redhat.com \
--cc=dvyukov@google.com \
--cc=filbranden@gmail.com \
--cc=gregkh@linuxfoundation.org \
--cc=jack@suse.cz \
--cc=keescook@chromium.org \
--cc=linux-api@vger.kernel.org \
--cc=linux-block@vger.kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=rafael@kernel.org \
--cc=saravanak@google.com \
--cc=seth.forshee@canonical.com \
--cc=smbarber@google.com \
--cc=stgraber@ubuntu.com \
--cc=suda.kyoto@gmail.com \
--cc=teg@jklm.no \
--cc=tj@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.