From patchwork Tue Nov 28 16:03:32 2023
X-Patchwork-Submitter: Miklos Szeredi
X-Patchwork-Id: 13471411
From: Miklos Szeredi
To: Christian Brauner
Cc: linux-api@vger.kernel.org, linux-man@vger.kernel.org, linux-security-module@vger.kernel.org, Karel Zak, linux-fsdevel@vger.kernel.org, Ian Kent, David Howells, Al Viro
Subject: [PATCH 1/4] listmount: rip out flags
Date: Tue, 28 Nov 2023 17:03:32 +0100
Message-ID: <20231128160337.29094-2-mszeredi@redhat.com>
In-Reply-To: <20231128160337.29094-1-mszeredi@redhat.com>
References: <20231128160337.29094-1-mszeredi@redhat.com>

LISTMOUNT_UNREACHABLE will be achieved differently in a following patch. LISTMOUNT_RECURSIVE becomes the default. If non-recursive listing turns out to be needed, it can be added later.
Signed-off-by: Miklos Szeredi --- fs/namespace.c | 49 +++++++++++++------------------------- include/uapi/linux/mount.h | 4 ---- 2 files changed, 16 insertions(+), 37 deletions(-) diff --git a/fs/namespace.c b/fs/namespace.c index cb338ab18db9..9b4cb25c25ed 100644 --- a/fs/namespace.c +++ b/fs/namespace.c @@ -5004,18 +5004,13 @@ static struct mount *listmnt_first(struct mount *root) return list_first_entry_or_null(&root->mnt_mounts, struct mount, mnt_child); } -static struct mount *listmnt_next(struct mount *curr, struct mount *root, bool recurse) +static struct mount *listmnt_next(struct mount *curr, struct mount *root) { - if (recurse) - return next_mnt(curr, root); - if (!list_is_head(curr->mnt_child.next, &root->mnt_mounts)) - return list_next_entry(curr, mnt_child); - return NULL; + return next_mnt(curr, root); } static ssize_t do_listmount(struct vfsmount *mnt, u64 __user *buf, - size_t bufsize, const struct path *root, - unsigned int flags) + size_t bufsize, const struct path *root) { struct mount *r, *m = real_mount(mnt); struct path rootmnt = { @@ -5023,26 +5018,17 @@ static ssize_t do_listmount(struct vfsmount *mnt, u64 __user *buf, .dentry = root->mnt->mnt_root }; ssize_t ctr; - bool reachable_only = true; - bool recurse = flags & LISTMOUNT_RECURSIVE; int err; - if (flags & LISTMOUNT_UNREACHABLE) { - if (!capable(CAP_SYS_ADMIN)) - return -EPERM; - reachable_only = false; - } - - if (reachable_only && !is_path_reachable(m, mnt->mnt_root, &rootmnt)) + if (!is_path_reachable(m, mnt->mnt_root, &rootmnt)) return capable(CAP_SYS_ADMIN) ? 0 : -EPERM; err = security_sb_statfs(mnt->mnt_root); if (err) return err; - for (ctr = 0, r = listmnt_first(m); r; r = listmnt_next(r, m, recurse)) { - if (reachable_only && - !is_path_reachable(r, r->mnt.mnt_root, root)) + for (ctr = 0, r = listmnt_first(m); r; r = listmnt_next(r, m)) { + if (!is_path_reachable(r, r->mnt.mnt_root, root)) continue; if (ctr >= bufsize) 
@@ -5065,7 +5051,7 @@ SYSCALL_DEFINE4(listmount, const struct mnt_id_req __user *, req, u64 mnt_id; ssize_t ret; - if (flags & ~(LISTMOUNT_UNREACHABLE | LISTMOUNT_RECURSIVE)) + if (flags) return -EINVAL; if (copy_from_user(&kreq, req, sizeof(kreq))) @@ -5075,20 +5061,17 @@ SYSCALL_DEFINE4(listmount, const struct mnt_id_req __user *, req, mnt_id = kreq.mnt_id; down_read(&namespace_sem); - if (mnt_id == LSMT_ROOT) - mnt = ¤t->nsproxy->mnt_ns->root->mnt; - else - mnt = lookup_mnt_in_ns(mnt_id, current->nsproxy->mnt_ns); - if (!mnt) { - up_read(&namespace_sem); - return -ENOENT; - } - get_fs_root(current->fs, &root); - /* Skip unreachable for LSMT_ROOT */ - if (mnt_id == LSMT_ROOT && !(flags & LISTMOUNT_UNREACHABLE)) + if (mnt_id == LSMT_ROOT) { mnt = root.mnt; - ret = do_listmount(mnt, buf, bufsize, &root, flags); + } else { + ret = -ENOENT; + mnt = lookup_mnt_in_ns(mnt_id, current->nsproxy->mnt_ns); + if (!mnt) + goto err; + } + ret = do_listmount(mnt, buf, bufsize, &root); +err: path_put(&root); up_read(&namespace_sem); return ret; diff --git a/include/uapi/linux/mount.h b/include/uapi/linux/mount.h index 7a5bd0b24a62..f6b35a15b7dd 100644 --- a/include/uapi/linux/mount.h +++ b/include/uapi/linux/mount.h 
@@ -191,10 +191,6 @@ struct mnt_id_req { #define STATMOUNT_MNT_POINT 0x00000010U /* Want/got mnt_point */ #define STATMOUNT_FS_TYPE 0x00000020U /* Want/got fs_type */ -/* listmount(2) flags */ -#define LISTMOUNT_UNREACHABLE 0x01U /* List unreachable mounts too */ -#define LISTMOUNT_RECURSIVE 0x02U /* List a mount tree */ - /* * Special @mnt_id values that can be passed to listmount */
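Review bot: In the do_listmount() hunk, the surviving check `if (!is_path_reachable(m, mnt->mnt_root, &rootmnt)) return capable(CAP_SYS_ADMIN) ? 0 : -EPERM;` now gives a CAP_SYS_ADMIN caller a successful empty list for an unreachable mount, and with LISTMOUNT_UNREACHABLE gone there is no request that returns the real entries, so the result is indistinguishable from a mount with no submounts. Consider returning an error here until the replacement mentioned in the commit message lands, or add a comment saying the 0 is deliberate. Separately, the commit message should say whether the two LISTMOUNT_* defines removed from include/uapi/linux/mount.h ever reached a released kernel, since dropping UAPI constants otherwise breaks userspace builds.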
From: Miklos Szeredi
To: Christian Brauner
Cc: linux-api@vger.kernel.org, linux-man@vger.kernel.org, linux-security-module@vger.kernel.org, Karel Zak, linux-fsdevel@vger.kernel.org, Ian Kent, David Howells, Al Viro
Subject: [PATCH 2/4] listmount: list mounts in ID order
Date: Tue, 28 Nov 2023 17:03:33 +0100
Message-ID: <20231128160337.29094-3-mszeredi@redhat.com>
In-Reply-To: <20231128160337.29094-1-mszeredi@redhat.com>
References: <20231128160337.29094-1-mszeredi@redhat.com>

This is needed to allow continuing from a midpoint.

Signed-off-by: Miklos Szeredi --- fs/namespace.c | 38 ++++++++++++++++++++++++-------------- 1 file changed, 24 insertions(+), 14 deletions(-) diff --git a/fs/namespace.c b/fs/namespace.c index 9b4cb25c25ed..ad62cf7ee334 100644 --- a/fs/namespace.c +++ b/fs/namespace.c @@ -1010,7 +1010,7 @@ void mnt_change_mountpoint(struct mount *parent, struct mountpoint *mp, struct m static inline struct mount *node_to_mount(struct rb_node *node) { - return rb_entry(node, struct mount, mnt_node); + return node ? rb_entry(node, struct mount, mnt_node) : NULL; } static void mnt_add_to_ns(struct mnt_namespace *ns, struct mount *mnt)
@@ -4999,24 +4999,21 @@ SYSCALL_DEFINE4(statmount, const struct mnt_id_req __user *, req, return ret; } -static struct mount *listmnt_first(struct mount *root) +static struct mount *listmnt_next(struct mount *curr) { - return list_first_entry_or_null(&root->mnt_mounts, struct mount, mnt_child); + return node_to_mount(rb_next(&curr->mnt_node)); } -static struct mount *listmnt_next(struct mount *curr, struct mount *root) -{ - return next_mnt(curr, root); -} - -static ssize_t do_listmount(struct vfsmount *mnt, u64 __user *buf, - size_t bufsize, const struct path *root) +static ssize_t do_listmount(struct mount *first, struct vfsmount *mnt, + u64 __user *buf, size_t bufsize, + const struct path *root) { struct mount *r, *m = real_mount(mnt); struct path rootmnt = { .mnt = root->mnt, .dentry = root->mnt->mnt_root }; + struct path orig; ssize_t ctr; int err; @@ -5027,8 +5024,17 @@ static ssize_t do_listmount(struct vfsmount *mnt, u64 __user *buf, if (err) return err; - for (ctr = 0, r = listmnt_first(m); r; r = listmnt_next(r, m)) { - if (!is_path_reachable(r, r->mnt.mnt_root, root)) + if (root->mnt == mnt) { + orig = *root; + } else { + orig.mnt = mnt; + orig.dentry = mnt->mnt_root; + } + + for (ctr = 0, r = first; r; r = listmnt_next(r)) { + if (r == m) + continue; + if (!is_path_reachable(r, r->mnt.mnt_root, &orig)) continue; if (ctr >= bufsize) @@ -5045,8 +5051,10 @@ static ssize_t do_listmount(struct vfsmount *mnt, u64 __user *buf, SYSCALL_DEFINE4(listmount, const struct mnt_id_req __user *, req, u64 __user *, buf, size_t, bufsize, unsigned int, flags) { + struct mnt_namespace *ns = current->nsproxy->mnt_ns; struct mnt_id_req kreq; struct vfsmount *mnt; + struct mount *first; struct path root; u64 mnt_id; ssize_t ret; 
@@ -5066,11 +5074,13 @@ SYSCALL_DEFINE4(listmount, const struct mnt_id_req __user *, req, mnt = root.mnt; } else { ret = -ENOENT; - mnt = lookup_mnt_in_ns(mnt_id, current->nsproxy->mnt_ns); + mnt = lookup_mnt_in_ns(mnt_id, ns); if (!mnt) goto err; } - ret = do_listmount(mnt, buf, bufsize, &root); + first = node_to_mount(rb_first(&ns->mounts)); + + ret = do_listmount(first, mnt, buf, bufsize, &root); err: path_put(&root); up_read(&namespace_sem); return ret;
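Review bot: In the do_listmount() hunk the per-entry filter changes from `is_path_reachable(r, r->mnt.mnt_root, root)` to `is_path_reachable(r, r->mnt.mnt_root, &orig)`, so entries are no longer tested against the caller's root, while the entry check at the top of the function still compares against `rootmnt` (root->mnt at its mnt_root) rather than the caller's actual root dentry. Taken alone, this patch therefore lets an unprivileged caller whose root is a subdirectory of root->mnt receive mount IDs that the old per-entry filter dropped. Patch 3/4 tightens the entry check; to keep every step of the series safe to bisect, move that tightening before this change or fold the two together. The loop also now walks every mount in the namespace from `rb_first(&ns->mounts)` under namespace_sem regardless of subtree size, which deserves a sentence in the commit message.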
From: Miklos Szeredi
To: Christian Brauner
Cc: linux-api@vger.kernel.org, linux-man@vger.kernel.org, linux-security-module@vger.kernel.org, Karel Zak, linux-fsdevel@vger.kernel.org, Ian Kent, David Howells, Al Viro
Subject: [PATCH 3/4] listmount: small changes in semantics
Date: Tue, 28 Nov 2023 17:03:34 +0100
Message-ID: <20231128160337.29094-4-mszeredi@redhat.com>
In-Reply-To: <20231128160337.29094-1-mszeredi@redhat.com>
References: <20231128160337.29094-1-mszeredi@redhat.com>

1) Make permission checking consistent with statmount(2): fail if mount is unreachable from current root. Previously it failed if mount was unreachable from root->mnt->mnt_root.

2) List all submounts, even if unreachable from current root. This is safe, since 1) will prevent listing unreachable mounts for unprivileged users.

3) LSMT_ROOT is unchanged, it lists mounts under current root.

Signed-off-by: Miklos Szeredi --- fs/namespace.c | 39 ++++++++++++++------------------------- 1 file changed, 14 insertions(+), 25 deletions(-) diff --git a/fs/namespace.c b/fs/namespace.c index ad62cf7ee334..10cd651175b5 100644 --- a/fs/namespace.c +++ b/fs/namespace.c
@@ -5004,37 +5004,26 @@ static struct mount *listmnt_next(struct mount *curr) return node_to_mount(rb_next(&curr->mnt_node)); } -static ssize_t do_listmount(struct mount *first, struct vfsmount *mnt, +static ssize_t do_listmount(struct mount *first, struct path *orig, u64 mnt_id, u64 __user *buf, size_t bufsize, const struct path *root) { - struct mount *r, *m = real_mount(mnt); - struct path rootmnt = { - .mnt = root->mnt, - .dentry = root->mnt->mnt_root - }; - struct path orig; + struct mount *r; ssize_t ctr; int err; - if (!is_path_reachable(m, mnt->mnt_root, &rootmnt)) - return capable(CAP_SYS_ADMIN) ? 0 : -EPERM; + if (!capable(CAP_SYS_ADMIN) && + !is_path_reachable(real_mount(orig->mnt), orig->dentry, root)) + return -EPERM; - err = security_sb_statfs(mnt->mnt_root); + err = security_sb_statfs(orig->dentry); if (err) return err; - if (root->mnt == mnt) { - orig = *root; - } else { - orig.mnt = mnt; - orig.dentry = mnt->mnt_root; - } - for (ctr = 0, r = first; r; r = listmnt_next(r)) { - if (r == m) + if (r->mnt_id_unique == mnt_id) continue; - if (!is_path_reachable(r, r->mnt.mnt_root, &orig)) + if (!is_path_reachable(r, r->mnt.mnt_root, orig)) continue; if (ctr >= bufsize) @@ -5053,9 +5042,8 @@ SYSCALL_DEFINE4(listmount, const struct mnt_id_req __user *, req, { struct mnt_namespace *ns = current->nsproxy->mnt_ns; struct mnt_id_req kreq; - struct vfsmount *mnt; struct mount *first; - struct path root; + struct path root, orig; u64 mnt_id; ssize_t ret; 
@@ -5071,16 +5059,17 @@ SYSCALL_DEFINE4(listmount, const struct mnt_id_req __user *, req, down_read(&namespace_sem); get_fs_root(current->fs, &root); if (mnt_id == LSMT_ROOT) { - mnt = root.mnt; + orig = root; } else { ret = -ENOENT; - mnt = lookup_mnt_in_ns(mnt_id, ns); - if (!mnt) + orig.mnt = lookup_mnt_in_ns(mnt_id, ns); + if (!orig.mnt) goto err; + orig.dentry = orig.mnt->mnt_root; } first = node_to_mount(rb_first(&ns->mounts)); - ret = do_listmount(first, mnt, buf, bufsize, &root); + ret = do_listmount(first, &orig, mnt_id, buf, bufsize, &root); err: path_put(&root); up_read(&namespace_sem); return ret;
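Review bot: In the do_listmount() hunk, `if (!capable(CAP_SYS_ADMIN) && !is_path_reachable(...)) return -EPERM;` evaluates capable() first, so every unprivileged call performs a capability check, and can produce an LSM or audit denial record, even when the mount is reachable and the call succeeds. Swap the operands so capable() is consulted only after is_path_reachable() has failed. In the same hunk the self-skip changes from `r == m` to `r->mnt_id_unique == mnt_id`; for LSMT_ROOT the mnt_id passed down is the special value rather than the root mount's own ID, so the root mount is no longer skipped by this test, which does not match item 3 of the commit message. Pass the resolved mount's unique ID instead, or document the change.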
From: Miklos Szeredi
To: Christian Brauner
Cc: linux-api@vger.kernel.org, linux-man@vger.kernel.org, linux-security-module@vger.kernel.org, Karel Zak, linux-fsdevel@vger.kernel.org, Ian Kent, David Howells, Al Viro
Subject: [PATCH 4/4] listmount: allow continuing
Date: Tue, 28 Nov 2023 17:03:35 +0100
Message-ID: <20231128160337.29094-5-mszeredi@redhat.com>
In-Reply-To: <20231128160337.29094-1-mszeredi@redhat.com>
References: <20231128160337.29094-1-mszeredi@redhat.com>

Rename mnt_id_req.request_mask to .param to allow using it for listmount(2) as well.

1) If the buffer is full don't return EOVERFLOW, instead return the buffer size. This still allows detecting a full buffer.

2) Listing is continued after the ID contained in .param. This allows listing the mount IDs in multiple listmount() invocations without having to resize buffer. If .param is zero, then the listing is started from the beginning, just like previously.

Signed-off-by: Miklos Szeredi --- fs/namespace.c | 17 ++++++++--------- include/uapi/linux/mount.h | 9 ++++++++- 2 files changed, 16 insertions(+), 10 deletions(-) diff --git a/fs/namespace.c b/fs/namespace.c index 10cd651175b5..5c1455c4b53b 100644 --- a/fs/namespace.c +++ b/fs/namespace.c @@ -4942,7 +4942,7 @@ static int prepare_kstatmount(struct kstatmount *ks, struct mnt_id_req *kreq, return -EFAULT; *ks = (struct kstatmount){ - .mask = kreq->request_mask, + .mask = kreq->param, .buf = buf, .bufsize = bufsize, .seq = {
@@ -5020,14 +5020,11 @@ static ssize_t do_listmount(struct mount *first, struct path *orig, u64 mnt_id, if (err) return err; - for (ctr = 0, r = first; r; r = listmnt_next(r)) { + for (ctr = 0, r = first; r && ctr < bufsize; r = listmnt_next(r)) { if (r->mnt_id_unique == mnt_id) continue; if (!is_path_reachable(r, r->mnt.mnt_root, orig)) continue; - - if (ctr >= bufsize) - return -EOVERFLOW; ctr = array_index_nospec(ctr, bufsize); if (put_user(r->mnt_id_unique, buf + ctr)) return -EFAULT; @@ -5044,7 +5041,7 @@ SYSCALL_DEFINE4(listmount, const struct mnt_id_req __user *, req, struct mnt_id_req kreq; struct mount *first; struct path root, orig; - u64 mnt_id; + u64 mnt_id, last_mnt_id; ssize_t ret; if (flags) @@ -5052,9 +5049,8 @@ SYSCALL_DEFINE4(listmount, const struct mnt_id_req __user *, req, if (copy_from_user(&kreq, req, sizeof(kreq))) return -EFAULT; - if (kreq.request_mask != 0) - return -EINVAL; mnt_id = kreq.mnt_id; + last_mnt_id = kreq.param; down_read(&namespace_sem); get_fs_root(current->fs, &root); @@ -5067,7 +5063,10 @@ SYSCALL_DEFINE4(listmount, const struct mnt_id_req __user *, req, goto err; orig.dentry = orig.mnt->mnt_root; } - first = node_to_mount(rb_first(&ns->mounts)); + if (!last_mnt_id) + first = node_to_mount(rb_first(&ns->mounts)); + else + first = mnt_find_id_at(ns, last_mnt_id + 1); ret = do_listmount(first, &orig, mnt_id, buf, bufsize, &root); err: diff --git a/include/uapi/linux/mount.h b/include/uapi/linux/mount.h index f6b35a15b7dd..dc9a0112d819 100644 --- a/include/uapi/linux/mount.h +++ b/include/uapi/linux/mount.h @@ -176,9 +176,16 @@ struct statmount { char str[]; /* Variable size part containing strings */ }; +/* + * Structure for passing mount ID and miscellaneous parameters to statmount(2) + * and listmount(2). + * + * For statmount(2) @param represents the request mask. + * For listmount(2) @param represents the last listed mount id (or zero). + */ struct mnt_id_req { __u64 mnt_id; - __u64 request_mask; + __u64 param; }; /*
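Review bot: In the syscall hunk, `first = mnt_find_id_at(ns, last_mnt_id + 1);` uses kreq.param straight from userspace, and the u64 addition wraps to 0 when param is all ones, so the lookup is asked for ID 0 instead of a position past the end. Reject that value with -EINVAL, or handle the wrap explicitly, before the lookup. The do_listmount() hunk now returns ctr when the buffer fills, so a return equal to bufsize is ambiguous between 'exactly full' and 'more remain'; the comment added in include/uapi/linux/mount.h should say that callers must call again with .param set to the last ID until a short count comes back. That comment should also note that listmount(2) previously rejected a non-zero value in this field with -EINVAL.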