The patch titled
r/o bind mounts: elevate write count during entire ncp_ioctl()
has been removed from the -mm tree. Its filename is
ro-bind-mounts-elevate-write-count-during-entire-ncp_ioctl.patch
This patch was dropped because Viro's comments sounded rather serious
------------------------------------------------------
Subject: r/o bind mounts: elevate write count during entire ncp_ioctl()
From: Dave Hansen <haveblue@xxxxxxxxxx>
Some ioctls need write access, but others don't. Make a helper function to
decide when write access is needed, and take it.
Signed-off-by: Dave Hansen <haveblue@xxxxxxxxxx>
Cc: Serge Hallyn <serue@xxxxxxxxxx>
Cc: Herbert Poetzl <herbert@xxxxxxxxxxxx>
Cc: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxx>
---
fs/ncpfs/ioctl.c | 55 ++++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 54 insertions(+), 1 deletion(-)
diff -puN fs/ncpfs/ioctl.c~ro-bind-mounts-elevate-write-count-during-entire-ncp_ioctl fs/ncpfs/ioctl.c
--- a/fs/ncpfs/ioctl.c~ro-bind-mounts-elevate-write-count-during-entire-ncp_ioctl
+++ a/fs/ncpfs/ioctl.c
@@ -16,6 +16,7 @@
#include <linux/ioctl.h>
#include <linux/time.h>
#include <linux/mm.h>
+#include <linux/mount.h>
#include <linux/highuid.h>
#include <linux/vmalloc.h>
@@ -183,7 +184,7 @@ ncp_get_charsets(struct ncp_server* serv
}
#endif /* CONFIG_NCPFS_NLS */
-int ncp_ioctl(struct inode *inode, struct file *filp,
+static int __ncp_ioctl(struct inode *inode, struct file *filp,
unsigned int cmd, unsigned long arg)
{
struct ncp_server *server = NCP_SERVER(inode);
@@ -654,3 +655,55 @@ outrel:
/* #endif */
return -EINVAL;
}
+
+static int ncp_ioctl_need_write(unsigned int cmd)
+{
+ switch (cmd) {
+ case NCP_IOC_GET_FS_INFO:
+ case NCP_IOC_GET_FS_INFO_V2:
+ case NCP_IOC_NCPREQUEST:
+ case NCP_IOC_SETDENTRYTTL:
+ case NCP_IOC_SIGN_INIT:
+ case NCP_IOC_LOCKUNLOCK:
+ case NCP_IOC_SET_SIGN_WANTED:
+ return 1;
+ case NCP_IOC_GETOBJECTNAME:
+ case NCP_IOC_SETOBJECTNAME:
+ case NCP_IOC_GETPRIVATEDATA:
+ case NCP_IOC_SETPRIVATEDATA:
+ case NCP_IOC_SETCHARSETS:
+ case NCP_IOC_GETCHARSETS:
+ case NCP_IOC_CONN_LOGGED_IN:
+ case NCP_IOC_GETDENTRYTTL:
+ case NCP_IOC_GETMOUNTUID2:
+ case NCP_IOC_SIGN_WANTED:
+ case NCP_IOC_GETROOT:
+ case NCP_IOC_SETROOT:
+ return 0;
+ default:
+ /* unkown IOCTL command, assume write */
+ WARN_ON(1);
+ }
+ return 1;
+}
+
+int ncp_ioctl(struct inode *inode, struct file *filp,
+ unsigned int cmd, unsigned long arg)
+{
+ int ret;
+
+ if (ncp_ioctl_need_write(cmd)) {
+ /*
+ * inside the ioctl(), any failures which
+ * are because of file_permission() are
+ * -EACCESS, so it seems consistent to keep
+ * that here.
+ */
+ if (mnt_want_write(filp->f_vfsmnt))
+ return -EACCES;
+ }
+ ret = __ncp_ioctl(inode, filp, cmd, arg);
+ if (ncp_ioctl_need_write(cmd))
+ mnt_drop_write(filp->f_vfsmnt);
+ return ret;
+}
_
Patches currently in -mm which might be from haveblue@xxxxxxxxxx are
origin.patch
git-acpi.patch
ro-bind-mounts-elevate-write-count-during-entire-ncp_ioctl.patch
ro-bind-mounts-elevate-write-count-during-entire-ncp_ioctl-tidy.patch
ro-bind-mounts-sys_symlinkat-elevate-write-count-around-vfs_symlink.patch
ro-bind-mounts-elevate-mount-count-for-extended-attributes.patch
ro-bind-mounts-sys_linkat-elevate-write-count-around-vfs_link.patch
ro-bind-mounts-mount_is_safe-add-comment.patch
ro-bind-mounts-unix_find_other-elevate-write-count-for-touch_atime.patch
ro-bind-mounts-elevate-write-count-over-calls-to-vfs_rename.patch
ro-bind-mounts-tricky-elevate-write-count-files-are-opened.patch
ro-bind-mounts-elevate-writer-count-for-do_sys_truncate.patch
ro-bind-mounts-elevate-write-count-for-do_utimes.patch
ro-bind-mounts-elevate-write-count-for-do_sys_utime-and-touch_atime.patch
ro-bind-mounts-sys_mknodat-elevate-write-count-for-vfs_mknod-create.patch
ro-bind-mounts-elevate-mnt-writers-for-vfs_unlink-callers.patch
ro-bind-mounts-do_rmdir-elevate-write-count.patch
ro-bind-mounts-elevate-writer-count-for-custom-struct-file.patch
ro-bind-mounts-honor-r-w-changes-at-do_remount-time.patch
page-owner-tracking-leak-detector.patch
x86-e820-debugging.patch
-
To unsubscribe from this list: send the line "unsubscribe mm-commits" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
