On Tue, 28 Feb 2017 12:23:01 -0600
Eric Blake <[email protected]> wrote:
> On 02/28/2017 11:03 AM, Greg Kurz wrote:
> > According to the POSIX.1-2008 manual page [1], the fchmodat() function has
> > a flag argument which may be passed the following value:
> >
> > AT_SYMLINK_NOFOLLOW
> > If path names a symbolic link, then the mode of the symbolic link is
> > changed.
> >
> > and the following error may be returned:
> >
> > [EOPNOTSUPP]
> > The AT_SYMLINK_NOFOLLOW bit is set in the flag argument, path names a
> > symbolic link, and the system does not support changing the mode of a
> > symbolic link.
> >
> > The linux kernel doesn't support changing the mode of a symbolic link, but
> > the current implementation doesn't even have a flag argument. It is then
> > up to userspace to deal with that. Unfortunately, it is impossible to
> > implement the POSIX behavior in a race-free manner.
> >
> > This patch introduces a new fchmodat2() syscall with a flag argument to
> > address the issue.
> >
> > [1] http://pubs.opengroup.org/onlinepubs/9699919799/functions/chmod.html
> >
> > Signed-off-by: Greg Kurz <[email protected]>
> > ---
>
> Might also be worth mentioning that this patch is required in order to
> solve CVE-2016-9602, per discussion at
> https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg06089.html
>
True. I'll add a reference to it if I have to send a v2.
> > +++ b/include/linux/syscalls.h
> > @@ -775,6 +775,8 @@ asmlinkage long sys_futimesat(int dfd, const char __user *filename,
> > asmlinkage long sys_faccessat(int dfd, const char __user *filename, int mode);
> > asmlinkage long sys_fchmodat(int dfd, const char __user * filename,
> > umode_t mode);
> > +asmlinkage long sys_fchmodat2(int dfd, const char __user *filename,
> > + umode_t mode, int flag);
> > asmlinkage long sys_fchownat(int dfd, const char __user *filename, uid_t user,
> > gid_t group, int flag);
>
> Is the indentation off here?
>
This is linux style indent with tabs+spaces. FWIW it is displayed correctly
in vi and emacs (I've simply copied the sys_fchmodat() declaration).
> Reviewed-by: Eric Blake <[email protected]>
>
>
On 02/28/2017 12:41 PM, Greg Kurz wrote:
>>> +++ b/include/linux/syscalls.h
>>> @@ -775,6 +775,8 @@ asmlinkage long sys_futimesat(int dfd, const char __user *filename,
>>> asmlinkage long sys_faccessat(int dfd, const char __user *filename, int mode);
>>> asmlinkage long sys_fchmodat(int dfd, const char __user * filename,
>>> umode_t mode);
>>> +asmlinkage long sys_fchmodat2(int dfd, const char __user *filename,
>>> + umode_t mode, int flag);
>>> asmlinkage long sys_fchownat(int dfd, const char __user *filename, uid_t user,
>>> gid_t group, int flag);
>>
>> Is the indentation off here?
>>
>
> This is linux style indent with tabs+spaces. FWIW it is displayed correctly
> in vi and emacs (I've simply copied the sys_fchmodat() declaration).
Sorry for the noise; I see that it is correct now, since fchmodat2 is
one bye longer than fchmodat or fchownat. Sometimes, I wish I could
convince my mailer to display leading tabs as exactly 8 spaces rather
than to the next 8-space tab stop, so that prefixed characters that
aren't tab-stop aligned don't mess with the actual visual output.
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org