Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1756593AbdLVTA0 (ORCPT ); Fri, 22 Dec 2017 14:00:26 -0500 Received: from server.coly.li ([162.144.45.48]:38886 "EHLO server.coly.li" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1756037AbdLVTAY (ORCPT ); Fri, 22 Dec 2017 14:00:24 -0500 Subject: Re: [PATCH 01/11] block_dev: Support checking inode permissions in lookup_bdev() To: Dongsu Park , linux-kernel@vger.kernel.org Cc: containers@lists.linux-foundation.org, Alban Crequy , "Eric W . Biederman" , Miklos Szeredi , Seth Forshee , Sargun Dhillon , dm-devel@redhat.com, linux-bcache@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-mtd@lists.infradead.org, Alexander Viro , Jan Kara , Serge Hallyn References: From: Coly Li Message-ID: <17fbec10-68b1-2d2b-d417-2cdfee22b0fa@coly.li> Date: Sat, 23 Dec 2017 02:59:55 +0800 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:52.0) Gecko/20100101 Thunderbird/52.5.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - server.coly.li X-AntiAbuse: Original Domain - vger.kernel.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - coly.li X-Get-Message-Sender-Via: server.coly.li: authenticated_id: i@coly.li X-Authenticated-Sender: server.coly.li: i@coly.li X-Source: X-Source-Args: X-Source-Dir: Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 2540 Lines: 71 On 22/12/2017 10:32 PM, Dongsu Park wrote: > From: Seth Forshee > > When looking up a block device by path no permission check is > done to verify that the user has access to the block device inode > at the specified path. In some cases it may be necessary to > check permissions towards the inode, such as allowing > unprivileged users to mount block devices in user namespaces. > > Add an argument to lookup_bdev() to optionally perform this > permission check. A value of 0 skips the permission check and > behaves the same as before. A non-zero value specifies the mask > of access rights required towards the inode at the specified > path. The check is always skipped if the user has CAP_SYS_ADMIN. > > All callers of lookup_bdev() currently pass a mask of 0, so this > patch results in no functional change. Subsequent patches will > add permission checks where appropriate. > > Patch v4 is available: https://patchwork.kernel.org/patch/8943601/ > > Cc: dm-devel@redhat.com > Cc: linux-bcache@vger.kernel.org > Cc: linux-fsdevel@vger.kernel.org > Cc: linux-mtd@lists.infradead.org > Cc: linux-kernel@vger.kernel.org > Cc: Alexander Viro > Cc: Jan Kara > Cc: Serge Hallyn > Signed-off-by: Seth Forshee > Signed-off-by: Dongsu Park Hi Dongsu, Could you please use a macro like NO_PERMISSION_CHECK to replace hard coded 0 ? At least for me, I don't need to check what does 0 mean in the new lookup_bdev(). Thanks. Coly Li > --- > drivers/md/bcache/super.c | 2 +- > drivers/md/dm-table.c | 2 +- > drivers/mtd/mtdsuper.c | 2 +- > fs/block_dev.c | 13 ++++++++++--- > fs/quota/quota.c | 2 +- > include/linux/fs.h | 2 +- > 6 files changed, 15 insertions(+), 8 deletions(-) > > diff --git a/drivers/md/bcache/super.c b/drivers/md/bcache/super.c > index b4d28928..acc9d56c 100644 > --- a/drivers/md/bcache/super.c > +++ b/drivers/md/bcache/super.c > @@ -1967,7 +1967,7 @@ static ssize_t register_bcache(struct kobject *k, struct kobj_attribute *attr, > sb); > if (IS_ERR(bdev)) { > if (bdev == ERR_PTR(-EBUSY)) { > - bdev = lookup_bdev(strim(path)); > + bdev = lookup_bdev(strim(path), 0); > mutex_lock(&bch_register_lock); > if (!IS_ERR(bdev) && bch_is_open(bdev)) > err = "device already registered"; > diff --git a/drivers/md/dm-table.c b/drivers/md/dm-table.c > index 88130b5d..bca5eaf4 100644 [snip] -- Coly Li