Received: by 2002:a05:7412:da14:b0:e2:908c:2ebd with SMTP id fe20csp2369766rdb; Tue, 10 Oct 2023 01:38:35 -0700 (PDT) X-Google-Smtp-Source: AGHT+IE0NX4g+YUXTV4gHss/afInV6RNz8CYX/HM/fDaAxASmsAWs2/ypRSVjYhNxKRESXme3mK5 X-Received: by 2002:a17:902:a415:b0:1c7:443d:7412 with SMTP id p21-20020a170902a41500b001c7443d7412mr13619489plq.26.1696927115498; Tue, 10 Oct 2023 01:38:35 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1696927115; cv=none; d=google.com; s=arc-20160816; b=gANHZGapOjVCOSBOXm0aTiXqF5PqjtrZfoZg4f1iP1WTxeihpE4iv/IWWCYuqtbZpJ wNID9aPcZYlmEn0hhV2GtjFuprj3KoL9R8qU7mxNA2+bUHISmNJjiTm5b9l3JcoN2gLH dlum2OUj5IvAWJus88hAl1gl5uZs0xELl3+N9RmJj5s4eQdVsZaXJLpKwY4JQ+cqrHLL 6ixlaSHKDhIXtnzH5tuw9tXve49rUPCOVCZBjUGWCPw1mY6EXhY4OCgCjufmY/xe7/r3 c4O/1TmCVQ6V7WtQTL+SdZTSAEEn39BeYWKhhgIQ7A2iM2xG7gN0M7eLY2mhnWNf2BVR M1Jg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=LPnzfjGFkf+7LHSIaIysqiYrXBdreqHFjnV5ro6xNgg=; fh=xmGlgBUyUivHeQE8VFDrdBskDb8jJZU+NqMbNPgCBNw=; b=nIGkoxImJ4Vj8sF2hs7OPQdDZD0WMn1PFXsHlm1NuxNLTGyA8g6yMt8hVTE94oGqfg cCp3E1EccUQYB3dAK3hkN0jVnEMKVJsquaVu+TZ9h5FrtEj29AOHa01P0BKeZmBuDtUp 5MrJJEbP+KezrBmgxTY+Cf4yUqXRhKw8rJ81rUJPKsgY1Z0c7ojRea2lN+RWZv1JBt0+ 27+YfeF7CDLcMfVvqJZcxLbcEJY7SAsQ9QnWxd/qtw6JSVQrk3kzoHz4chEqKKFtoPwK uPaYuwrHzEsFUwSuYvd2BOc+ANRVuOCvx23V7AcNqjMs4z7WQjhMkCCrThn0piEOrqVc 9IKA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=KUiMo2sf; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:6 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from pete.vger.email (pete.vger.email. [2620:137:e000::3:6]) by mx.google.com with ESMTPS id kw15-20020a170902f90f00b001bbd0450af8si10740844plb.187.2023.10.10.01.38.35 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 10 Oct 2023 01:38:35 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:6 as permitted sender) client-ip=2620:137:e000::3:6; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=KUiMo2sf; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:6 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by pete.vger.email (Postfix) with ESMTP id 801E5807CECB; Tue, 10 Oct 2023 01:38:32 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at pete.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234686AbjJJIha (ORCPT + 99 others); Tue, 10 Oct 2023 04:37:30 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36532 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1442925AbjJJIhO (ORCPT ); Tue, 10 Oct 2023 04:37:14 -0400 Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AE972D56; Tue, 10 Oct 2023 01:36:08 -0700 (PDT) Received: by smtp.kernel.org (Postfix) with ESMTPSA id A55C8C433C7; Tue, 10 Oct 2023 08:36:04 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1696926968; bh=r0acTdpPV43k03AaibK8ATvRg6OuKldRVbxez5OV1Wk=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=KUiMo2sfK8qNVzn9S67WuqpPL2z6FHIjcroFF4t4NDlVwiy7cASY1qTQbZ2waULx4 WICp1oJvJ+jLU3bRzuvIKn8qQZF68dJgv4ZY4MsELgva/xckA9qr3cplpIsPpfiE3k h/+b8fZ7x33UQTHaxbpQTisEzCCqX9Ll5yqIm+GE7AR9SCgM9+LTJOZP5Tt4iQlLjt Z2Z7djbu17Ep61ac0KGRM4IWAcFmvcGU4cMrEbu7d5nAvxWgE+KA78GR+lzTaADYdM AEC0Ve6geMd/9/u0NxNcT6PuSN0W8Rw1ul7AaHRGmbR2D0Qgb3TeBcpNjEskt4eqIu GXRVsp7e+HfcQ== From: Christian Brauner To: amir73il@gmail.com, Stefan Berger Cc: Christian Brauner , linux-unionfs@vger.kernel.org, miklos@szeredi.hu, Stefan Berger , syzbot+a67fc5321ffb4b311c98@syzkaller.appspotmail.com, Alexander Viro , linux-fsdevel@vger.kernel.org, Tyler Hicks , Mimi Zohar , linux-integrity@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH] fs: Pass AT_GETATTR_NOSEC flag to getattr interface function Date: Tue, 10 Oct 2023 10:35:47 +0200 Message-Id: <20231010-erhaben-kurznachrichten-d91432c937ee@brauner> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20231002125733.1251467-1-stefanb@linux.vnet.ibm.com> References: <20231002125733.1251467-1-stefanb@linux.vnet.ibm.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" X-Developer-Signature: v=1; a=openpgp-sha256; l=1448; i=brauner@kernel.org; h=from:subject:message-id; bh=r0acTdpPV43k03AaibK8ATvRg6OuKldRVbxez5OV1Wk=; b=owGbwMvMwCU28Zj0gdSKO4sYT6slMaSq8tx16f98NfBy1Y1JS77aKfi5bJzIabXYSt5z28s6t+09 nLM9O0pZGMS4GGTFFFkc2k3C5ZbzVGw2ytSAmcPKBDKEgYtTACYyM43hv5uhRoDqs59z7B7kLDvH46 8SIGA1Oay4ZJYMy7Nt+ux/vjEy7D34aNKqW3GGQdk2POvXM3SLsPbs23G9iOG5m9h6S8VYJgA= X-Developer-Key: i=brauner@kernel.org; a=openpgp; fpr=4880B8C9BD0E5106FC070F4F7B3C391EFEA93624 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=2.4 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,MAILING_LIST_MULTI, RCVD_IN_SBL_CSS,SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on pete.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (pete.vger.email [0.0.0.0]); Tue, 10 Oct 2023 01:38:33 -0700 (PDT) X-Spam-Level: ** On Mon, 02 Oct 2023 08:57:33 -0400, Stefan Berger wrote: > When vfs_getattr_nosec() calls a filesystem's getattr interface function > then the 'nosec' should propagate into this function so that > vfs_getattr_nosec() can again be called from the filesystem's gettattr > rather than vfs_getattr(). The latter would add unnecessary security > checks that the initial vfs_getattr_nosec() call wanted to avoid. > Therefore, introduce the getattr flag GETATTR_NOSEC and allow to pass > with the new getattr_flags parameter to the getattr interface function. > In overlayfs and ecryptfs use this flag to determine which one of the > two functions to call. > > [...] Applied to the vfs.fixes branch of the vfs/vfs.git tree. Patches in the vfs.fixes branch should appear in linux-next soon. Please report any outstanding bugs that were missed during review in a new review to the original patch series allowing us to drop it. It's encouraged to provide Acked-bys and Reviewed-bys even though the patch has now been applied. If possible patch trailers will be updated. Note that commit hashes shown below are subject to change due to rebase, trailer updates or similar. If in doubt, please check the listed branch. tree: https://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs.git branch: vfs.fixes [1/1] fs: Pass AT_GETATTR_NOSEC flag to getattr interface function https://git.kernel.org/vfs/vfs/c/6ea042691c74