From patchwork Wed Aug 8 13:21:42 2012 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jeff Layton X-Patchwork-Id: 1295521 Return-Path: X-Original-To: patchwork-linux-nfs@patchwork.kernel.org Delivered-To: patchwork-process-083081@patchwork2.kernel.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by patchwork2.kernel.org (Postfix) with ESMTP id 4A2E0DF223 for ; Wed, 8 Aug 2012 13:22:54 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1758528Ab2HHNWR (ORCPT ); Wed, 8 Aug 2012 09:22:17 -0400 Received: from mail-gh0-f174.google.com ([209.85.160.174]:53416 "EHLO mail-gh0-f174.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1758527Ab2HHNWO (ORCPT ); Wed, 8 Aug 2012 09:22:14 -0400 Received: by mail-gh0-f174.google.com with SMTP id r11so730335ghr.19 for ; Wed, 08 Aug 2012 06:22:13 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=sender:from:to:cc:subject:date:message-id:x-mailer:in-reply-to :references:x-gm-message-state; bh=ML96qz4OxHw6CvPtHXMlKOIK18mjmePCTsGY15udQqo=; b=Z64XyTYZxOUDiYGSy9MjRXP4aMKhFec6t1RqEAwTDZRr7kGQAhQJZLgvbF6mc52teI Kv544T6VSgvD420SRtOtnfjISFJo3eZVb9hT1xfuJbCjFvr5JtB2RyCT3iBETsn9+s/m gei519hX/2wqXyWu7tuFol8hQWcJ+LnXKqEArF/i1BBU22fcgznhAxZGS0STZmiCFq+s J+yauy+lmmZgnyUkLaZvAecL3KEgBqYjYXAZ7LPzkqUWRd385naKcTJuY5PhUkaL/L7b dIZxy44Zn9EGmYsHrSB6dpf10tw81JK1vmD8ZYRaYzbf4CrHu+Cg+cAxSMCqdmNLWAYC qbjw== Received: by 10.236.149.174 with SMTP id x34mr10678373yhj.119.1344432133665; Wed, 08 Aug 2012 06:22:13 -0700 (PDT) Received: from salusa.poochiereds.net (cpe-069-134-145-027.nc.res.rr.com. [69.134.145.27]) by mx.google.com with ESMTPS id l1sm24418002yhm.19.2012.08.08.06.22.12 (version=SSLv3 cipher=OTHER); Wed, 08 Aug 2012 06:22:13 -0700 (PDT) From: Jeff Layton To: viro@ZenIV.linux.org.uk Cc: linux-fsdevel@vger.kernel.org, linux-nfs@vger.kernel.org, linux-kernel@vger.kernel.org, michael.brantley@deshaw.com, hch@infradead.org, miklos@szeredi.hu, pstaubach@exagrid.com Subject: [PATCH v5 19/19] vfs: make chroot retry once on ESTALE error Date: Wed, 8 Aug 2012 09:21:42 -0400 Message-Id: <1344432102-22312-20-git-send-email-jlayton@redhat.com> X-Mailer: git-send-email 1.7.11.2 In-Reply-To: <1344432102-22312-1-git-send-email-jlayton@redhat.com> References: <1344432102-22312-1-git-send-email-jlayton@redhat.com> X-Gm-Message-State: ALoCoQk4s/wFo2Q2Z0jZL9A6GE6yUwdhpVRgdTLqFcRoqfc/mrhtWjS0gq6C8XNNoHqDSU5pcGXD Sender: linux-nfs-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org Signed-off-by: Jeff Layton --- fs/open.c | 43 +++++++++++++++++++++++++++---------------- 1 file changed, 27 insertions(+), 16 deletions(-) diff --git a/fs/open.c b/fs/open.c index 59a7e9d..991760f 100644 --- a/fs/open.c +++ b/fs/open.c @@ -455,27 +455,38 @@ SYSCALL_DEFINE1(chroot, const char __user *, filename) { struct path path; int error; + int lookup_flags = LOOKUP_FOLLOW | LOOKUP_DIRECTORY; + unsigned int try = 0; + char *name; - error = user_path_dir(filename, &path); - if (error) - goto out; + name = getname_flags(filename, lookup_flags, NULL); + if (IS_ERR(name)) + return PTR_ERR(name); - error = inode_permission(path.dentry->d_inode, MAY_EXEC | MAY_CHDIR); - if (error) - goto dput_and_out; + do { + error = kern_path_at(AT_FDCWD, name, lookup_flags, &path); + if (error) + break; - error = -EPERM; - if (!capable(CAP_SYS_CHROOT)) - goto dput_and_out; - error = security_path_chroot(&path); - if (error) - goto dput_and_out; + error = inode_permission(path.dentry->d_inode, + MAY_EXEC | MAY_CHDIR); + if (error) + goto dput_and_out; - set_fs_root(current->fs, &path); - error = 0; + error = -EPERM; + if (!capable(CAP_SYS_CHROOT)) + goto dput_and_out; + error = security_path_chroot(&path); + if (error) + goto dput_and_out; + + set_fs_root(current->fs, &path); + error = 0; dput_and_out: - path_put(&path); -out: + path_put(&path); + lookup_flags |= LOOKUP_REVAL; + } while (retry_estale(error, try++)); + putname(name); return error; }