* [RFC 1/3] procfs: parse mount options
@ 2011-11-15 11:21 Vasiliy Kulikov
2011-11-15 11:48 ` Américo Wang
0 siblings, 1 reply; 3+ messages in thread
From: Vasiliy Kulikov @ 2011-11-15 11:21 UTC (permalink / raw)
To: kernel-hardening, Andrew Morton, linux-kernel, Alexey Dobriyan,
Al Viro
Cc: H. Peter Anvin, Greg KH, Theodore Tso, Alan Cox, Linus Torvalds
This patch adds support of procfs mount options.
Actual mount options are coming in the next patches.
Signed-off-by: Vasiliy Kulikov <segoon@openwall.com>
--
fs/proc/inode.c | 10 +++++++++
fs/proc/internal.h | 1 +
fs/proc/root.c | 56 ++++++++++++++++++++++++++++++++++++++++++++++++++-
3 files changed, 65 insertions(+), 2 deletions(-)
diff --git a/fs/proc/inode.c b/fs/proc/inode.c
index 7737c54..9b9f92a 100644
--- a/fs/proc/inode.c
+++ b/fs/proc/inode.c
@@ -7,6 +7,7 @@
#include <linux/time.h>
#include <linux/proc_fs.h>
#include <linux/kernel.h>
+#include <linux/pid_namespace.h>
#include <linux/mm.h>
#include <linux/string.h>
#include <linux/stat.h>
@@ -17,7 +18,9 @@
#include <linux/init.h>
#include <linux/module.h>
#include <linux/sysctl.h>
+#include <linux/seq_file.h>
#include <linux/slab.h>
+#include <linux/mount.h>
#include <asm/system.h>
#include <asm/uaccess.h>
@@ -102,12 +105,19 @@ void __init proc_init_inodecache(void)
init_once);
}
+static int proc_show_options(struct seq_file *seq, struct vfsmount *vfs)
+{
+ return 0;
+}
+
static const struct super_operations proc_sops = {
.alloc_inode = proc_alloc_inode,
.destroy_inode = proc_destroy_inode,
.drop_inode = generic_delete_inode,
.evict_inode = proc_evict_inode,
.statfs = simple_statfs,
+ .remount_fs = proc_remount,
+ .show_options = proc_show_options,
};
static void __pde_users_dec(struct proc_dir_entry *pde)
diff --git a/fs/proc/internal.h b/fs/proc/internal.h
index 7838e5c..2925775 100644
--- a/fs/proc/internal.h
+++ b/fs/proc/internal.h
@@ -117,6 +117,7 @@ void pde_put(struct proc_dir_entry *pde);
int proc_fill_super(struct super_block *);
struct inode *proc_get_inode(struct super_block *, struct proc_dir_entry *);
+int proc_remount(struct super_block *sb, int *flags, char *data);
/*
* These are generic /proc routines that use the internal
diff --git a/fs/proc/root.c b/fs/proc/root.c
index 9a8a2b7..1486bb0 100644
--- a/fs/proc/root.c
+++ b/fs/proc/root.c
@@ -18,6 +18,7 @@
#include <linux/bitops.h>
#include <linux/mount.h>
#include <linux/pid_namespace.h>
+#include <linux/parser.h>
#include "internal.h"
@@ -36,6 +37,49 @@ static int proc_set_super(struct super_block *sb, void *data)
return err;
}
+enum {
+ Opt_err,
+};
+
+static const match_table_t tokens = {
+ {Opt_err, NULL},
+};
+
+static int proc_parse_options(char *options, struct pid_namespace *pid)
+{
+ char *p;
+ substring_t args[MAX_OPT_ARGS];
+ int option;
+
+ pr_debug("proc: options = %s\n", options);
+
+ if (!options)
+ return 1;
+
+ while ((p = strsep(&options, ",")) != NULL) {
+ int token;
+ if (!*p)
+ continue;
+
+ args[0].to = args[0].from = 0;
+ token = match_token(p, tokens, args);
+ switch (token) {
+ default:
+ pr_err("proc: unrecognized mount option \"%s\" "
+ "or missing value", p);
+ return 0;
+ }
+ }
+
+ return 1;
+}
+
+int proc_remount(struct super_block *sb, int *flags, char *data)
+{
+ struct pid_namespace *pid = sb->s_fs_info;
+ return !proc_parse_options(data, pid);
+}
+
static struct dentry *proc_mount(struct file_system_type *fs_type,
int flags, const char *dev_name, void *data)
{
@@ -43,11 +87,15 @@ static struct dentry *proc_mount(struct file_system_type *fs_type,
struct super_block *sb;
struct pid_namespace *ns;
struct proc_inode *ei;
+ char *options;
- if (flags & MS_KERNMOUNT)
+ if (flags & MS_KERNMOUNT) {
ns = (struct pid_namespace *)data;
- else
+ options = NULL;
+ } else {
ns = current->nsproxy->pid_ns;
+ options = data;
+ }
sb = sget(fs_type, proc_test_super, proc_set_super, ns);
if (IS_ERR(sb))
@@ -55,6 +103,10 @@ static struct dentry *proc_mount(struct file_system_type *fs_type,
if (!sb->s_root) {
sb->s_flags = flags;
+ if (!proc_parse_options(options, ns)) {
+ deactivate_locked_super(sb);
+ return ERR_PTR(-EINVAL);
+ }
err = proc_fill_super(sb);
if (err) {
deactivate_locked_super(sb);
--
^ permalink raw reply related [flat|nested] 3+ messages in thread* Re: [RFC 1/3] procfs: parse mount options
2011-11-15 11:21 [RFC 1/3] procfs: parse mount options Vasiliy Kulikov
@ 2011-11-15 11:48 ` Américo Wang
2011-11-15 12:53 ` Vasiliy Kulikov
0 siblings, 1 reply; 3+ messages in thread
From: Américo Wang @ 2011-11-15 11:48 UTC (permalink / raw)
To: Vasiliy Kulikov
Cc: kernel-hardening, Andrew Morton, linux-kernel, Alexey Dobriyan,
Al Viro, H. Peter Anvin, Greg KH, Theodore Tso, Alan Cox,
Linus Torvalds
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1: Type: text/plain; charset=UTF-8, Size: 1284 bytes --]
On Tue, Nov 15, 2011 at 7:21 PM, Vasiliy Kulikov <segoon@openwall.com> wrote:
> +
> +static int proc_parse_options(char *options, struct pid_namespace *pid)
> +{
> + Â Â Â char *p;
> + Â Â Â substring_t args[MAX_OPT_ARGS];
> + Â Â Â int option;
'option' is unused?
> +
> + Â Â Â pr_debug("proc: options = %s\n", options);
> +
> + Â Â Â if (!options)
> + Â Â Â Â Â Â Â return 1;
> +
> + Â Â Â while ((p = strsep(&options, ",")) != NULL) {
> + Â Â Â Â Â Â Â int token;
> + Â Â Â Â Â Â Â if (!*p)
> + Â Â Â Â Â Â Â Â Â Â Â continue;
> +
> + Â Â Â Â Â Â Â args[0].to = args[0].from = 0;
> + Â Â Â Â Â Â Â token = match_token(p, tokens, args);
> + Â Â Â Â Â Â Â switch (token) {
> + Â Â Â Â Â Â Â default:
This switch block reads odd...
> + Â Â Â Â Â Â Â Â Â Â Â pr_err("proc: unrecognized mount option \"%s\" "
> + Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â "or missing value", p);
"\n" is needed.
> + Â Â Â Â Â Â Â Â Â Â Â return 0;
> + Â Â Â Â Â Â Â }
> + Â Â Â }
> +
> + Â Â Â return 1;
> +}
Regards.
ÿôèº{.nÇ+‰·Ÿ®‰†+%ŠËÿ±éݶ\x17¥Šwÿº{.nÇ+‰·¥Š{±þG«éÿŠ{ayº\x1dʇڙë,j\a¢f£¢·hšïêÿ‘êçz_è®\x03(階ŠÝ¢j"ú\x1a¶^[m§ÿÿ¾\a«þG«éÿ¢¸?™¨èÚ&£ø§~á¶iO•æ¬z·švØ^\x14\x04\x1a¶^[m§ÿÿÃ\fÿ¶ìÿ¢¸?–I¥
^ permalink raw reply [flat|nested] 3+ messages in thread* Re: [RFC 1/3] procfs: parse mount options
2011-11-15 11:48 ` Américo Wang
@ 2011-11-15 12:53 ` Vasiliy Kulikov
0 siblings, 0 replies; 3+ messages in thread
From: Vasiliy Kulikov @ 2011-11-15 12:53 UTC (permalink / raw)
To: Américo Wang
Cc: kernel-hardening, Andrew Morton, linux-kernel, Alexey Dobriyan,
Al Viro, H. Peter Anvin, Greg KH, Theodore Tso, Alan Cox,
Linus Torvalds
Hi Américo,
On Tue, Nov 15, 2011 at 19:48 +0800, Américo Wang wrote:
> On Tue, Nov 15, 2011 at 7:21 PM, Vasiliy Kulikov <segoon@openwall.com> wrote:
> > +
> > +static int proc_parse_options(char *options, struct pid_namespace *pid)
> > +{
> > + char *p;
> > + substring_t args[MAX_OPT_ARGS];
> > + int option;
>
>
> 'option' is unused?
Right.
> > + switch (token) {
> > + default:
>
>
> This switch block reads odd...
It will be used in 2/3 patch.
> > + pr_err("proc: unrecognized mount option \"%s\" "
> > + "or missing value", p);
>
> "\n" is needed.
Correct. Thank you!
> > + return 0;
> > + }
> > + }
> > +
> > + return 1;
> > +}
--
Vasiliy Kulikov
http://www.openwall.com - bringing security into open computing environments
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2011-11-15 12:55 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2011-11-15 11:21 [RFC 1/3] procfs: parse mount options Vasiliy Kulikov
2011-11-15 11:48 ` Américo Wang
2011-11-15 12:53 ` Vasiliy Kulikov
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox