Received: by 2002:a25:8b91:0:0:0:0:0 with SMTP id j17csp786609ybl;
        Fri, 6 Dec 2019 06:15:46 -0800 (PST)
X-Google-Smtp-Source: APXvYqyW9DXgLje7NyQMuhjr7fUQcN4Lm1Yjxk0DYp67Nso9ob+ydXcYKacC6d6gz9iob5k+QtjO
X-Received: by 2002:a05:6830:1c8a:: with SMTP id v10mr10446790otf.115.1575641746541;
        Fri, 06 Dec 2019 06:15:46 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1575641746; cv=none;
        d=google.com; s=arc-20160816;
        b=MvUNKSta8SfNgGhwWHahC4mDJuoHmTvPqc88T6SmO0g8b+ft3UcbCHkecCD/C3So5R
         vvbAeGQqFuSrHDWtnxrAPObtV0M7VJVUeULRxG1ibLJrxO+SMVvU3+w3DIH74jUmB+2m
         8nPiRC3bXbhmGDdSAEH7qad/M1JiRcNp4DhZTHp4IemaZiBK2JNXqPn0JKxNCIgdJHJ4
         ES67PMziq8Og46hz98z38Ec2aU1WeSzcbmLkL+Kx19hgj9lPGOa8L1x2AQy5uhYkAzze
         a4wVf3AKyuH17A3OCFFdX6ondLRDaNAVdWj3PM7t3+A5onFikj/sdLZL8aBZLOSgeC4T
         8qOQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from;
        bh=Z8OmOvyx0H8rYdCic3vn5u30a4HU972lL+p3iipNAzs=;
        b=lCdS/iQhJy9WZjlTlWY7SubxLclRNRfQ1EwD35LWl2oZs7k9MIRUKyok7/zHGs7fex
         CPPUXvo+dwvOQLEIBsUyOK90GgQe7EE9VnPlczUqs9J3odcFjAVVlEwDu0LtKLpLQh2Z
         aRWcY9QXQc7i1xbpNquBvEQUJ4xNQJm9QcK36su+RaTch9QDD8Kv2YGIFIPtrW6v7Ll7
         JwxTbOSiDfW2y7BnMkpaA5payY+YV4UC9wrtoyu90PTLPe2CljE9w5rYxh72AQie43S9
         CpVF8DvCIovoG4104UOLjXPE40A8P00wCbEKh+MZMcXlo7sxe5Cx7E8PD50fzaFfnhAk
         p96A==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id m4si6937303otn.281.2019.12.06.06.15.32;
        Fri, 06 Dec 2019 06:15:46 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726464AbfLFOPF (ORCPT <rfc822;qidong1992@gmail.com>
        + 99 others); Fri, 6 Dec 2019 09:15:05 -0500
Received: from mout-p-101.mailbox.org ([80.241.56.151]:21862 "EHLO
        mout-p-101.mailbox.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1726264AbfLFOPD (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 6 Dec 2019 09:15:03 -0500
Received: from smtp2.mailbox.org (smtp2.mailbox.org [80.241.60.241])
        (using TLSv1.2 with cipher ECDHE-RSA-CHACHA20-POLY1305 (256/256 bits))
        (No client certificate requested)
        by mout-p-101.mailbox.org (Postfix) with ESMTPS id 47Tvjs2dy0zKmTp;
        Fri,  6 Dec 2019 15:14:57 +0100 (CET)
X-Virus-Scanned: amavisd-new at heinlein-support.de
Received: from smtp2.mailbox.org ([80.241.60.241])
        by spamfilter05.heinlein-hosting.de (spamfilter05.heinlein-hosting.de [80.241.56.123]) (amavisd-new, port 10030)
        with ESMTP id BtA2010EB5L9; Fri,  6 Dec 2019 15:14:52 +0100 (CET)
From:   Aleksa Sarai <cyphar@cyphar.com>
To:     Al Viro <viro@zeniv.linux.org.uk>,
        Jeff Layton <jlayton@kernel.org>,
        "J. Bruce Fields" <bfields@fieldses.org>,
        Arnd Bergmann <arnd@arndb.de>,
        David Howells <dhowells@redhat.com>,
        Shuah Khan <shuah@kernel.org>,
        Shuah Khan <skhan@linuxfoundation.org>,
        Ingo Molnar <mingo@redhat.com>,
        Peter Zijlstra <peterz@infradead.org>,
        Alexei Starovoitov <ast@kernel.org>,
        Daniel Borkmann <daniel@iogearbox.net>,
        Martin KaFai Lau <kafai@fb.com>,
        Song Liu <songliubraving@fb.com>, Yonghong Song <yhs@fb.com>,
        Andrii Nakryiko <andriin@fb.com>,
        Jonathan Corbet <corbet@lwn.net>
Cc:     Aleksa Sarai <cyphar@cyphar.com>,
        "Eric W. Biederman" <ebiederm@xmission.com>,
        Andy Lutomirski <luto@kernel.org>,
        Andrew Morton <akpm@linux-foundation.org>,
        Kees Cook <keescook@chromium.org>,
        Jann Horn <jannh@google.com>, Tycho Andersen <tycho@tycho.ws>,
        David Drysdale <drysdale@google.com>,
        Chanho Min <chanho.min@lge.com>,
        Oleg Nesterov <oleg@redhat.com>,
        Rasmus Villemoes <linux@rasmusvillemoes.dk>,
        Alexander Shishkin <alexander.shishkin@linux.intel.com>,
        Jiri Olsa <jolsa@redhat.com>,
        Namhyung Kim <namhyung@kernel.org>,
        Christian Brauner <christian@brauner.io>,
        Aleksa Sarai <asarai@suse.de>,
        Linus Torvalds <torvalds@linux-foundation.org>,
        dev@opencontainers.org, containers@lists.linux-foundation.org,
        bpf@vger.kernel.org, netdev@vger.kernel.org,
        linux-alpha@vger.kernel.org, linux-api@vger.kernel.org,
        libc-alpha@sourceware.org, linux-arch@vger.kernel.org,
        linux-arm-kernel@lists.infradead.org, linux-doc@vger.kernel.org,
        linux-fsdevel@vger.kernel.org, linux-ia64@vger.kernel.org,
        linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org,
        linux-m68k@lists.linux-m68k.org, linux-mips@vger.kernel.org,
        linux-parisc@vger.kernel.org, linuxppc-dev@lists.ozlabs.org,
        linux-s390@vger.kernel.org, linux-sh@vger.kernel.org,
        linux-xtensa@linux-xtensa.org, sparclinux@vger.kernel.org
Subject: [PATCH v18 01/13] namei: only return -ECHILD from follow_dotdot_rcu()
Date:   Sat,  7 Dec 2019 01:13:26 +1100
Message-Id: <20191206141338.23338-2-cyphar@cyphar.com>
In-Reply-To: <20191206141338.23338-1-cyphar@cyphar.com>
References: <20191206141338.23338-1-cyphar@cyphar.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

It's over-zealous to return hard errors under RCU-walk here, given that
a REF-walk will be triggered for all other cases handling ".." under
RCU.

The original purpose of this check was to ensure that if a rename occurs
such that a directory is moved outside of the bind-mount which the
resolution started in, it would be detected and blocked to avoid being
able to mess with paths outside of the bind-mount. However, triggering a
new REF-walk is just as effective a solution.

Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Fixes: 397d425dc26d ("vfs: Test for and handle paths that are unreachable from their mnt_root")
Suggested-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
---
 fs/namei.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fs/namei.c b/fs/namei.c
index 671c3c1a3425..5a47d9c09581 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -1359,7 +1359,7 @@ static int follow_dotdot_rcu(struct nameidata *nd)
 			nd->path.dentry = parent;
 			nd->seq = seq;
 			if (unlikely(!path_connected(&nd->path)))
-				return -ENOENT;
+				return -ECHILD;
 			break;
 		} else {
 			struct mount *mnt = real_mount(nd->path.mnt);
-- 
2.24.0