Re: [PATCH 1/2] vfs: implement fchmodat2() syscall

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

From: Greg Kurz <groug@kaod.org>
To: Eric Blake <eblake@redhat.com>
Cc: viro@zeniv.linux.org.uk, linux-fsdevel@vger.kernel.org,
	linux-kernel@vger.kernel.org
Subject: Re: [PATCH 1/2] vfs: implement fchmodat2() syscall
Date: Tue, 28 Feb 2017 19:41:48 +0100	[thread overview]
Message-ID: <20170228194148.115674bc@bahia.lan> (raw)
In-Reply-To: <99466bd0-48f2-1594-5392-5e6191d56ffa@redhat.com>

[-- Attachment #1: Type: text/plain, Size: 2260 bytes --]

On Tue, 28 Feb 2017 12:23:01 -0600
Eric Blake <eblake@redhat.com> wrote:

> On 02/28/2017 11:03 AM, Greg Kurz wrote:
> > According to the POSIX.1-2008 manual page [1], the fchmodat() function has
> > a flag argument which may be passed the following value:
> > 
> > AT_SYMLINK_NOFOLLOW
> >     If path names a symbolic link, then the mode of the symbolic link is
> >     changed.
> > 
> > and the following error may be returned:
> > 
> > [EOPNOTSUPP]
> >     The AT_SYMLINK_NOFOLLOW bit is set in the flag argument, path names a
> >     symbolic link, and the system does not support changing the mode of a
> >     symbolic link.
> > 
> > The linux kernel doesn't support changing the mode of a symbolic link, but
> > the current implementation doesn't even have a flag argument. It is then
> > up to userspace to deal with that. Unfortunately, it is impossible to
> > implement the POSIX behavior in a race-free manner.
> > 
> > This patch introduces a new fchmodat2() syscall with a flag argument to
> > address the issue.
> > 
> > [1] http://pubs.opengroup.org/onlinepubs/9699919799/functions/chmod.html
> > 
> > Signed-off-by: Greg Kurz <groug@kaod.org>
> > ---  
> 
> Might also be worth mentioning that this patch is required in order to
> solve CVE-2016-9602, per discussion at
> https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg06089.html
> 

True. I'll add a reference to it if I have to send a v2.

> > +++ b/include/linux/syscalls.h
> > @@ -775,6 +775,8 @@ asmlinkage long sys_futimesat(int dfd, const char __user *filename,
> >  asmlinkage long sys_faccessat(int dfd, const char __user *filename, int mode);
> >  asmlinkage long sys_fchmodat(int dfd, const char __user * filename,
> >  			     umode_t mode);
> > +asmlinkage long sys_fchmodat2(int dfd, const char __user *filename,
> > +			      umode_t mode, int flag);
> >  asmlinkage long sys_fchownat(int dfd, const char __user *filename, uid_t user,
> >  			     gid_t group, int flag);  
> 
> Is the indentation off here?
> 

This is linux style indent with tabs+spaces. FWIW it is displayed correctly
in vi and emacs (I've simply copied the sys_fchmodat() declaration).

> Reviewed-by: Eric Blake <eblake@redhat.com>
> 
> 


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 181 bytes --]

next prev parent reply	other threads:[~2017-03-01 11:41 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-02-28 17:03 [PATCH 1/2] vfs: implement fchmodat2() syscall Greg Kurz
2017-02-28 17:03 ` [PATCH 2/2] x86: wire up " Greg Kurz
2017-03-01  9:00   ` kbuild test robot
2017-02-28 18:23 ` [PATCH 1/2] vfs: implement " Eric Blake
2017-02-28 18:41   ` Greg Kurz [this message]
2017-02-28 18:59     ` Eric Blake
2017-04-11 17:52   ` Colin Walters
2017-04-11 17:55     ` Eric Blake
2017-04-11 18:07       ` Eric Blake
2017-04-11 18:08         ` Eric Blake
2017-04-11 19:09         ` Colin Walters
2017-04-19 12:45           ` Greg Kurz
2017-03-01  9:01 ` Michael Kerrisk
2017-04-11 11:39   ` Greg Kurz
2017-04-11 12:04     ` Greg Kurz

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20170228194148.115674bc@bahia.lan \
    --to=groug@kaod.org \
    --cc=eblake@redhat.com \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=viro@zeniv.linux.org.uk \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox