From: "J. R. Okajima" <hooanon05@yahoo.co.jp>
To: "Aneesh Kumar K. V" <aneesh.kumar@linux.vnet.ibm.com>
Cc: Dave Chinner <david@fromorbit.com>,
hch@infradead.org, viro@zeniv.linux.org.uk, adilger@sun.com,
corbet@lwn.net, serue@us.ibm.com, neilb@suse.de,
linux-fsdevel@vger.kernel.org, sfrench@us.ibm.com,
philippe.deniel@CEA.FR, linux-kernel@vger.kernel.org
Subject: Re: [PATCH -V8 2/9] vfs: Add name to file handle conversion support
Date: Wed, 19 May 2010 22:50:09 +0900 [thread overview]
Message-ID: <14013.1274277009@jrobl> (raw)
In-Reply-To: <87aarwkzsi.fsf@linux.vnet.ibm.com>
"Aneesh Kumar K. V":
> How about the below patch ?
>
> commit 5f421ffbe9dd7bb84c5992b1725c06b511bc76d8
> Author: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
> Date: Wed May 19 14:52:44 2010 +0530
>
> vfs: Return ENOSYS if CONFIG_EXPORTFS is not enabled
Of course, I have no objection. :-)
Let me make sure some other issues.
If a malicious user passes altered dirfd or handle parameters, then
these things may happen.
- opens another file.
But it should not be a security hole, because finish_open_handle()
calls may_open() and the permission bits are tested expectedly.
- kernel crashes.
If s_export_op->fh_to_dentry() expects the passed handle is always
correct, then it may crash. But this is a problem of FS, instead of
open_by_handle().
- returns an error.
It is a matter of the application.
Right?
And the decode routine may return an anonymous (disconnected) dentry.
In this case, if LSM detects something wrong and produces a message,
then the filename will not be printed correctly.
This is not a problem of open_by_handle() either. Right?
J. R. Okajima
next prev parent reply other threads:[~2010-05-19 13:50 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-05-17 5:33 [PATCH -V8 0/9] Generic name to handle and open by handle syscalls Aneesh Kumar K.V
2010-05-17 5:33 ` [PATCH -V8 1/9] exportfs: Return the minimum required handle size Aneesh Kumar K.V
2010-05-17 5:33 ` [PATCH -V8 2/9] vfs: Add name to file handle conversion support Aneesh Kumar K.V
2010-05-18 2:33 ` J. R. Okajima
2010-05-18 5:40 ` Aneesh Kumar K. V
2010-05-18 6:18 ` J. R. Okajima
2010-05-18 6:58 ` Aneesh Kumar K. V
2010-05-18 6:43 ` Dave Chinner
2010-05-18 10:17 ` Aneesh Kumar K. V
2010-05-19 7:15 ` J. R. Okajima
2010-05-19 8:52 ` Aneesh Kumar K. V
2010-05-19 9:26 ` Aneesh Kumar K. V
2010-05-19 13:50 ` J. R. Okajima [this message]
2010-05-17 5:33 ` [PATCH -V8 3/9] vfs: Add open by file handle support Aneesh Kumar K.V
2010-05-17 5:33 ` [PATCH -V8 4/9] vfs: Allow handle based open on symlinks Aneesh Kumar K.V
2010-05-17 5:33 ` [PATCH -V8 5/9] vfs: Support null pathname in readlink Aneesh Kumar K.V
2010-05-17 5:33 ` [PATCH -V8 6/9] ext4: Add get_fsid callback Aneesh Kumar K.V
2010-05-17 5:33 ` [PATCH -V8 7/9] x86: Add new syscalls for x86_32 Aneesh Kumar K.V
2010-05-17 5:33 ` [PATCH -V8 8/9] x86: Add new syscalls for x86_64 Aneesh Kumar K.V
2010-05-17 5:33 ` [PATCH -V8 9/9] ext3: Add get_fsid callback Aneesh Kumar K.V
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=14013.1274277009@jrobl \
--to=hooanon05@yahoo.co.jp \
--cc=adilger@sun.com \
--cc=aneesh.kumar@linux.vnet.ibm.com \
--cc=corbet@lwn.net \
--cc=david@fromorbit.com \
--cc=hch@infradead.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=neilb@suse.de \
--cc=philippe.deniel@CEA.FR \
--cc=serue@us.ibm.com \
--cc=sfrench@us.ibm.com \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).