Thread: 69 messages, 13 authors, 2023-10-04

Re: [RFC PATCH 2/3] add statmnt(2) syscall

From: Paul Moore <paul@paul-moore.com>
Date: 2023-09-14 20:40:00
Also in: linux-fsdevel, linux-man, linux-security-module, lkml

On Wed, Sep 13, 2023 at 11:23 AM Miklos Szeredi [off-list ref] wrote:
Add a way to query attributes of a single mount instead of having to parse
the complete /proc/$PID/mountinfo, which might be huge.

Look up the mount by the old (32bit) or new (64bit) mount ID.  If a mount
needs to be queried based on path, then statx(2) can be used to first query
the mount ID belonging to the path.

Design is based on a suggestion by Linus:

  "So I'd suggest something that is very much like "statfsat()", which gets
   a buffer and a length, and returns an extended "struct statfs" *AND*
   just a string description at the end."

The interface closely mimics that of statx.

Handle ASCII attributes by appending after the end of the structure (as per
above suggestion).  Allow querying multiple string attributes with
individual offset/length for each.  Strings are nul terminated (termination
isn't counted in length).

Mount options are also delimited with nul characters.  Unlike proc, special
characters are not quoted.

Link: https://lore.kernel.org/all/CAHk-=wh5YifP7hzKSbwJj94+DZ2czjrZsczy6GBimiogZws=rg@mail.gmail.com/
Signed-off-by: Miklos Szeredi <redacted>
---
 arch/x86/entry/syscalls/syscall_64.tbl |   1 +
 fs/internal.h                          |   5 +
 fs/namespace.c                         | 312 ++++++++++++++++++++++++-
 fs/proc_namespace.c                    |  19 +-
 fs/statfs.c                            |   1 +
 include/linux/syscalls.h               |   3 +
 include/uapi/asm-generic/unistd.h      |   5 +-
 include/uapi/linux/mount.h             |  36 +++
 8 files changed, 373 insertions(+), 9 deletions(-)
...
diff --git a/fs/namespace.c b/fs/namespace.c
index de47c5f66e17..088a52043bba 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
...
+static int do_statmnt(struct stmt_state *s)
+{
+       struct statmnt *sm = &s->sm;
+       struct mount *m = real_mount(s->mnt);
+
+       if (!capable(CAP_SYS_ADMIN) &&
+           !is_path_reachable(m, m->mnt.mnt_root, &s->root))
+               return -EPERM;

I realize statmnt() is different from fstatfs(), but from an access
control perspective they look a lot alike to me which is why I think
we should probably have a security_sb_statfs() call here.  Same thing
for the listmnt() syscall in patch 3/3.

+       stmt_numeric(s, STMT_SB_BASIC, stmt_sb_basic);
+       stmt_numeric(s, STMT_MNT_BASIC, stmt_mnt_basic);
+       stmt_numeric(s, STMT_PROPAGATE_FROM, stmt_propagate_from);
+       stmt_string(s, STMT_MNT_ROOT, stmt_mnt_root, &sm->mnt_root);
+       stmt_string(s, STMT_MOUNTPOINT, stmt_mountpoint, &sm->mountpoint);
+       stmt_string(s, STMT_FS_TYPE, stmt_fs_type, &sm->fs_type);
+       stmt_string(s, STMT_SB_OPTS, stmt_sb_opts, &sm->sb_opts);
+
+       if (s->err)
+               return s->err;
+
+       if (copy_to_user(s->buf, sm, min_t(size_t, s->bufsize, sizeof(*sm))))
+               return -EFAULT;
+
+       return 0;
+}
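Review bot: The permission test at the top of do_statmnt() evaluates `capable(CAP_SYS_ADMIN)` before `is_path_reachable()`, so the capability check runs for every caller, including unprivileged callers whose mount is reachable from `s->root` and who would be allowed anyway. capable() has side effects: it sets PF_SUPERPRIV when it succeeds and can generate LSM/audit denial records when it fails, so this ordering can log CAP_SYS_ADMIN denials for calls that then succeed. Consider testing reachability first and consulting the capability only as the fallback, i.e. `if (!is_path_reachable(m, m->mnt.mnt_root, &s->root) && !capable(CAP_SYS_ADMIN)) return -EPERM;`. A one-line comment stating which callers each half of the condition is meant to admit would also help when the LSM hook discussed above is added next to it.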
-- 
paul-moore.com