Date: Tue, 15 Mar 2022 19:00:17 +0000
From: Al Viro
To: Hao Luo
Cc: Alexei Starovoitov, Andrii Nakryiko, Daniel Borkmann, Martin KaFai Lau, Song Liu, Yonghong Song, KP Singh, Shakeel Butt, Joe Burton, Tejun Heo, joshdon@google.com, sdf@google.com, bpf@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH bpf-next v1 1/9] bpf: Add mkdir, rmdir, unlink syscalls for prog_bpf_syscall
References: <20220225234339.2386398-1-haoluo@google.com> <20220225234339.2386398-2-haoluo@google.com>
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, Mar 15, 2022 at 10:27:39AM -0700, Hao Luo wrote:

> Option 1: We can put restrictions on the pathname passed into this
> helper. We can explicitly require the parameter dirfd to be in bpffs
> (we can verify). In addition, we check pathname to be not containing
> any dot or dotdot, so the resolved path will end up inside bpffs,
> therefore won't take ->i_rwsem that is in the callchain of
> cgroup_mkdir().

Won't be enough - mount --bind the parent under itself and there you
go...  Sure, you could prohibit mountpoint crossing, etc., but at
that point I'd question the usefulness of pathname resolution in the
first place.