On 02/28/2017 11:03 AM, Greg Kurz wrote: > According to the POSIX.1-2008 manual page [1], the fchmodat() function has > a flag argument which may be passed the following value: > > AT_SYMLINK_NOFOLLOW > If path names a symbolic link, then the mode of the symbolic link is > changed. > > and the following error may be returned: > > [EOPNOTSUPP] > The AT_SYMLINK_NOFOLLOW bit is set in the flag argument, path names a > symbolic link, and the system does not support changing the mode of a > symbolic link. > > The linux kernel doesn't support changing the mode of a symbolic link, but > the current implementation doesn't even have a flag argument. It is then > up to userspace to deal with that. Unfortunately, it is impossible to > implement the POSIX behavior in a race-free manner. > > This patch introduces a new fchmodat2() syscall with a flag argument to > address the issue. > > [1] http://pubs.opengroup.org/onlinepubs/9699919799/functions/chmod.html > > Signed-off-by: Greg Kurz <groug@xxxxxxxx> > --- Might also be worth mentioning that this patch is required in order to solve CVE-2016-9602, per discussion at https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg06089.html > +++ b/include/linux/syscalls.h > @@ -775,6 +775,8 @@ asmlinkage long sys_futimesat(int dfd, const char __user *filename, > asmlinkage long sys_faccessat(int dfd, const char __user *filename, int mode); > asmlinkage long sys_fchmodat(int dfd, const char __user * filename, > umode_t mode); > +asmlinkage long sys_fchmodat2(int dfd, const char __user *filename, > + umode_t mode, int flag); > asmlinkage long sys_fchownat(int dfd, const char __user *filename, uid_t user, > gid_t group, int flag); Is the indentation off here? Reviewed-by: Eric Blake <eblake@xxxxxxxxxx> -- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
Attachment:
signature.asc
Description: OpenPGP digital signature
