Re: [PATCH RFC v2] fhandle: expose u64 mount id to name_to_handle_at(2)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: Re: [PATCH RFC v2] fhandle: expose u64 mount id to name_to_handle_at(2)
From: "hch@xxxxxxxxxxxxx" <hch@xxxxxxxxxxxxx>
Date: Tue, 28 May 2024 23:24:18 -0700
Cc: "hch@xxxxxxxxxxxxx" <hch@xxxxxxxxxxxxx>, Jan Kara <jack@xxxxxxx>, Trond Myklebust <trondmy@xxxxxxxxxxxxxxx>, "chuck.lever@xxxxxxxxxx" <chuck.lever@xxxxxxxxxx>, "linux-api@xxxxxxxxxxxxxxx" <linux-api@xxxxxxxxxxxxxxx>, "linux-fsdevel@xxxxxxxxxxxxxxx" <linux-fsdevel@xxxxxxxxxxxxxxx>, "brauner@xxxxxxxxxx" <brauner@xxxxxxxxxx>, "linux-kernel@xxxxxxxxxxxxxxx" <linux-kernel@xxxxxxxxxxxxxxx>, "alex.aring@xxxxxxxxx" <alex.aring@xxxxxxxxx>, "cyphar@xxxxxxxxxx" <cyphar@xxxxxxxxxx>, "viro@xxxxxxxxxxxxxxxxxx" <viro@xxxxxxxxxxxxxxxxxx>, "jlayton@xxxxxxxxxx" <jlayton@xxxxxxxxxx>, "amir73il@xxxxxxxxx" <amir73il@xxxxxxxxx>, "linux-nfs@xxxxxxxxxxxxxxx" <linux-nfs@xxxxxxxxxxxxxxx>
In-reply-to: <ZlZn/fcphsx8u/Ph@dread.disaster.area>
References: <20240523-exportfs-u64-mount-id-v2-1-f9f959f17eb1@cyphar.com> <ZlMADupKkN0ITgG5@infradead.org> <30137c868039a3ae17f4ae74d07383099bfa4db8.camel@hammerspace.com> <ZlRzNquWNalhYtux@infradead.org> <86065f6a4f3d2f3d78f39e7a276a2d6e25bfbc9d.camel@hammerspace.com> <ZlS0_DWzGk24GYZA@infradead.org> <20240528101152.kyvtx623djnxwonm@quack3> <ZlW4a6Zdt9SPTt80@infradead.org> <ZlZn/fcphsx8u/Ph@dread.disaster.area>

On Wed, May 29, 2024 at 09:25:49AM +1000, Dave Chinner wrote:
> But no-one has bothered to reply or acknowledge my comments so I'll
> point them out again and repeat: Filehandles generated by
> the kernel for unprivileged use *must* be self describing and self
> validating as the kernel must be able to detect and prevent
> unprivelged users from generating custom filehandles that can be
> used to access files outside the restricted scope of their
> container.

We must not generate file handle for unprivileged use at all, as they
bypass all the path based access controls.

Follow-Ups:
- Re: [PATCH RFC v2] fhandle: expose u64 mount id to name_to_handle_at(2)
  - From: Amir Goldstein

References:
- [PATCH RFC v2] fhandle: expose u64 mount id to name_to_handle_at(2)
  - From: Aleksa Sarai
- Re: [PATCH RFC v2] fhandle: expose u64 mount id to name_to_handle_at(2)
  - From: Christoph Hellwig
- Re: [PATCH RFC v2] fhandle: expose u64 mount id to name_to_handle_at(2)
  - From: Trond Myklebust
- Re: [PATCH RFC v2] fhandle: expose u64 mount id to name_to_handle_at(2)
  - From: hch@xxxxxxxxxxxxx
- Re: [PATCH RFC v2] fhandle: expose u64 mount id to name_to_handle_at(2)
  - From: Trond Myklebust
- Re: [PATCH RFC v2] fhandle: expose u64 mount id to name_to_handle_at(2)
  - From: hch@xxxxxxxxxxxxx
- Re: [PATCH RFC v2] fhandle: expose u64 mount id to name_to_handle_at(2)
  - From: Jan Kara
- Re: [PATCH RFC v2] fhandle: expose u64 mount id to name_to_handle_at(2)
  - From: hch@xxxxxxxxxxxxx
- Re: [PATCH RFC v2] fhandle: expose u64 mount id to name_to_handle_at(2)
  - From: Dave Chinner

Prev by Date: Re: [PATCH RFC v2] fhandle: expose u64 mount id to name_to_handle_at(2)
Next by Date: Re: [PATCH RFC v2] fhandle: expose u64 mount id to name_to_handle_at(2)
Previous by thread: Re: [PATCH RFC v2] fhandle: expose u64 mount id to name_to_handle_at(2)
Next by thread: Re: [PATCH RFC v2] fhandle: expose u64 mount id to name_to_handle_at(2)
Index(es):
- Date
- Thread

[Index of Archives] [Linux USB Devel] [Video for Linux] [Linux Audio Users] [Yosemite News] [Linux Kernel] [Linux SCSI]