diff mbox series

[21/24] PM: hibernate: don't use early_lookup_bdev in resume_store

Message ID 20230523074535.249802-22-hch@lst.de (mailing list archive)
State Handled Elsewhere, archived
Headers show
Series [01/24] driver core: return bool from driver_probe_done | expand

Commit Message

Christoph Hellwig May 23, 2023, 7:45 a.m. UTC
resume_store is a sysfs attribute written during normal kernel runtime,
and it should not use the early_lookup_bdev API that bypasses all normal
path based permission checking, and might cause problems with certain
container environments renaming devices.

Switch to lookup_bdev, which does a normal path lookup instead, and fall
back to trying to parse a numeric dev_t just like early_lookup_bdev did.

Note that this strictly speaking changes the kernel ABI as the PARTUUID=
and PARTLABEL= style syntax is now not available during a running
systems.  They never were intended for that, but this breaks things
we'll have to figure out a way to make them available again.  But if
avoidable in any way I'd rather avoid that.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Fixes: 421a5fa1a6cf ("PM / hibernate: use name_to_dev_t to parse resume")
---
 kernel/power/hibernate.c | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

Comments

Rafael J. Wysocki May 23, 2023, 6:36 p.m. UTC | #1
On Tue, May 23, 2023 at 9:46 AM Christoph Hellwig <hch@lst.de> wrote:
>
> resume_store is a sysfs attribute written during normal kernel runtime,
> and it should not use the early_lookup_bdev API that bypasses all normal
> path based permission checking, and might cause problems with certain
> container environments renaming devices.
>
> Switch to lookup_bdev, which does a normal path lookup instead, and fall
> back to trying to parse a numeric dev_t just like early_lookup_bdev did.
>
> Note that this strictly speaking changes the kernel ABI as the PARTUUID=
> and PARTLABEL= style syntax is now not available during a running
> systems.  They never were intended for that, but this breaks things
> we'll have to figure out a way to make them available again.  But if
> avoidable in any way I'd rather avoid that.
>
> Signed-off-by: Christoph Hellwig <hch@lst.de>
> Fixes: 421a5fa1a6cf ("PM / hibernate: use name_to_dev_t to parse resume")

Acked-by: Rafael J. Wysocki <rafael@kernel.org>

> ---
>  kernel/power/hibernate.c | 18 +++++++++++++++++-
>  1 file changed, 17 insertions(+), 1 deletion(-)
>
> diff --git a/kernel/power/hibernate.c b/kernel/power/hibernate.c
> index c52dedb9f7c8e8..7ae95ec72f9902 100644
> --- a/kernel/power/hibernate.c
> +++ b/kernel/power/hibernate.c
> @@ -1178,7 +1178,23 @@ static ssize_t resume_store(struct kobject *kobj, struct kobj_attribute *attr,
>         if (!name)
>                 return -ENOMEM;
>
> -       error = early_lookup_bdev(name, &dev);
> +       error = lookup_bdev(name, &dev);
> +       if (error) {
> +               unsigned maj, min, offset;
> +               char *p, dummy;
> +
> +               if (sscanf(name, "%u:%u%c", &maj, &min, &dummy) == 2 ||
> +                   sscanf(name, "%u:%u:%u:%c", &maj, &min, &offset,
> +                               &dummy) == 3) {
> +                       dev = MKDEV(maj, min);
> +                       if (maj != MAJOR(dev) || min != MINOR(dev))
> +                               error = -EINVAL;
> +               } else {
> +                       dev = new_decode_dev(simple_strtoul(name, &p, 16));
> +                       if (*p)
> +                               error = -EINVAL;
> +               }
> +       }
>         kfree(name);
>         if (error)
>                 return error;
> --
> 2.39.2
>
diff mbox series

Patch

diff --git a/kernel/power/hibernate.c b/kernel/power/hibernate.c
index c52dedb9f7c8e8..7ae95ec72f9902 100644
--- a/kernel/power/hibernate.c
+++ b/kernel/power/hibernate.c
@@ -1178,7 +1178,23 @@  static ssize_t resume_store(struct kobject *kobj, struct kobj_attribute *attr,
 	if (!name)
 		return -ENOMEM;
 
-	error = early_lookup_bdev(name, &dev);
+	error = lookup_bdev(name, &dev);
+	if (error) {
+		unsigned maj, min, offset;
+		char *p, dummy;
+
+		if (sscanf(name, "%u:%u%c", &maj, &min, &dummy) == 2 ||
+		    sscanf(name, "%u:%u:%u:%c", &maj, &min, &offset,
+				&dummy) == 3) {
+			dev = MKDEV(maj, min);
+			if (maj != MAJOR(dev) || min != MINOR(dev))
+				error = -EINVAL;
+		} else {
+			dev = new_decode_dev(simple_strtoul(name, &p, 16));
+			if (*p)
+				error = -EINVAL;
+		}
+	}
 	kfree(name);
 	if (error)
 		return error;