From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752553AbdCALl7 (ORCPT ); Wed, 1 Mar 2017 06:41:59 -0500 Received: from 20.mo6.mail-out.ovh.net ([178.32.124.17]:34971 "EHLO 20.mo6.mail-out.ovh.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752450AbdCALl5 (ORCPT ); Wed, 1 Mar 2017 06:41:57 -0500 Date: Tue, 28 Feb 2017 19:41:48 +0100 From: Greg Kurz To: Eric Blake Cc: viro@zeniv.linux.org.uk, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH 1/2] vfs: implement fchmodat2() syscall Message-ID: <20170228194148.115674bc@bahia.lan> In-Reply-To: <99466bd0-48f2-1594-5392-5e6191d56ffa@redhat.com> References: <148830142269.7103.7429913851447595016.stgit@bahia> <99466bd0-48f2-1594-5392-5e6191d56ffa@redhat.com> X-Mailer: Claws Mail 3.14.1 (GTK+ 2.24.31; x86_64-redhat-linux-gnu) MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; boundary="Sig_/Ix0PaEHUlsEmqDz3+y/kUXQ"; protocol="application/pgp-signature" X-Ovh-Tracer-Id: 14155095106285377929 X-VR-SPAMSTATE: OK X-VR-SPAMSCORE: -100 X-VR-SPAMCAUSE: gggruggvucftvghtrhhoucdtuddrfeelhedrvdekgdduudeiucetufdoteggodetrfdotffvucfrrhhofhhilhgvmecuqfggjfdpvefjgfevmfevgfenuceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddm Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org --Sig_/Ix0PaEHUlsEmqDz3+y/kUXQ Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable On Tue, 28 Feb 2017 12:23:01 -0600 Eric Blake wrote: > On 02/28/2017 11:03 AM, Greg Kurz wrote: > > According to the POSIX.1-2008 manual page [1], the fchmodat() function = has > > a flag argument which may be passed the following value: > >=20 > > AT_SYMLINK_NOFOLLOW > > If path names a symbolic link, then the mode of the symbolic link is > > changed. > >=20 > > and the following error may be returned: > >=20 > > [EOPNOTSUPP] > > The AT_SYMLINK_NOFOLLOW bit is set in the flag argument, path names= a > > symbolic link, and the system does not support changing the mode of= a > > symbolic link. > >=20 > > The linux kernel doesn't support changing the mode of a symbolic link, = but > > the current implementation doesn't even have a flag argument. It is then > > up to userspace to deal with that. Unfortunately, it is impossible to > > implement the POSIX behavior in a race-free manner. > >=20 > > This patch introduces a new fchmodat2() syscall with a flag argument to > > address the issue. > >=20 > > [1] http://pubs.opengroup.org/onlinepubs/9699919799/functions/chmod.html > >=20 > > Signed-off-by: Greg Kurz > > --- =20 >=20 > Might also be worth mentioning that this patch is required in order to > solve CVE-2016-9602, per discussion at > https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg06089.html >=20 True. I'll add a reference to it if I have to send a v2. > > +++ b/include/linux/syscalls.h > > @@ -775,6 +775,8 @@ asmlinkage long sys_futimesat(int dfd, const char _= _user *filename, > > asmlinkage long sys_faccessat(int dfd, const char __user *filename, in= t mode); > > asmlinkage long sys_fchmodat(int dfd, const char __user * filename, > > umode_t mode); > > +asmlinkage long sys_fchmodat2(int dfd, const char __user *filename, > > + umode_t mode, int flag); > > asmlinkage long sys_fchownat(int dfd, const char __user *filename, uid= _t user, > > gid_t group, int flag); =20 >=20 > Is the indentation off here? >=20 This is linux style indent with tabs+spaces. FWIW it is displayed correctly in vi and emacs (I've simply copied the sys_fchmodat() declaration). > Reviewed-by: Eric Blake >=20 >=20 --Sig_/Ix0PaEHUlsEmqDz3+y/kUXQ Content-Type: application/pgp-signature Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iEYEARECAAYFAli1xGwACgkQAvw66wEB28KI1wCffHO7YKyO5Sri62K6sFKlIzCP U/cAnioVP7fUCaGW435eqOOt+SZdLcJG =RIkd -----END PGP SIGNATURE----- --Sig_/Ix0PaEHUlsEmqDz3+y/kUXQ--