> One thing, whatever you end up passing to vfs_create() please make sure
> to retrieve mnt_userns once so permission checking and object creation
> line-up:
>
> int vfs_create(struct vfsmount *mnt, struct inode *dir,
>                struct dentry *dentry, umode_t mode, bool want_excl)
> {
>     struct user_namespace *mnt_userns;
>
>     mnt_userns = mnt_user_ns(mnt);
>
>     int error = may_create(mnt_userns, dir, dentry);
>     if (error)
>         return error;
>
>     if (!dir->i_op->create)
>         return -EACCES; /* shouldn't it be ENOSYS? */
>     mode &= S_IALLUGO;
>     mode |= S_IFREG;
>     error = security_inode_create(dir, dentry, mode);
>     if (error)
>         return error;
>     error = dir->i_op->create(mnt_userns, dir, dentry, mode, want_excl);
>     if (!error)
>         fsnotify_create(mnt, dir, dentry);
>     return error;
> }
>

Christian,

What is the concern here?
Can mnt_user_ns() change under us?
I am asking because Al doesn't like both mnt_userns AND path to
be passed to do_truncate() => notify_change()
So I will need to retrieve mnt_userns again inside notify_change()
after it had been used for security checks in do_open().
Would that be acceptable to you?

Thanks,
Amir.
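
An added example, not code from this thread or from the kernel: a userspace C model of the difference between reading mnt_userns once for both the permission check and the creation, and reading it a second time. The types, `model_create()`, the `between_reads` hook and all values are hypothetical; the hook assumes the value can change between two reads, which is the open question asked above, not established kernel behaviour.

```c
#include <errno.h>
#include <stdio.h>

/* Userspace model: names echo the thread, none of this is kernel code. */
struct user_ns { unsigned uid_offset; };  /* constructed idmapping: fs uid = caller + offset */
struct mount   { const struct user_ns *userns; };
struct inode   { unsigned owner; };
struct created { int err; unsigned owner; };

/* Hypothetical hook: models mnt->userns changing between two reads. */
static void (*between_reads)(struct mount *);

static int may_create(const struct user_ns *ns, const struct inode *dir, unsigned caller)
{
    return caller + ns->uid_offset == dir->owner ? 0 : -EACCES;
}

static struct created do_create(const struct user_ns *ns, unsigned caller)
{
    struct created c = { 0, caller + ns->uid_offset };
    return c;
}

/* once != 0: one lookup shared by check and creation; once == 0: a second lookup. */
struct created model_create(struct mount *mnt, const struct inode *dir, unsigned caller, int once)
{
    const struct user_ns *ns = mnt->userns;   /* the lookup used for the check */
    struct created c = { may_create(ns, dir, caller), 0 };
    if (c.err)
        return c;
    if (between_reads)
        between_reads(mnt);
    return do_create(once ? ns : mnt->userns, caller);
}

static const struct user_ns ns_a = { 1000 }, ns_b = { 0 };  /* constructed values */
static void swap_to_b(struct mount *mnt) { mnt->userns = &ns_b; }

/* Owner of the created object when the mapping changes after the check passed. */
unsigned owner_after_swap(int once)
{
    struct mount mnt = { &ns_a };
    struct inode dir = { 1005 };
    between_reads = swap_to_b;
    return model_create(&mnt, &dir, 5, once).owner;
}

int main(void)
{
    printf("once=%u refetch=%u\n", owner_after_swap(1), owner_after_swap(0));
    return 0;
}
```

In the model, the single-lookup path creates the object under the same mapping that the check approved, while the second lookup creates it under a mapping that was never checked.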