From: Christoph Hellwig <hch@lst.de>
To: Al Viro <viro@zeniv.linux.org.uk>,
	Linus Torvalds <torvalds@linux-foundation.org>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	"Rafael J. Wysocki" <rafael@kernel.org>,
	linux-kernel@vger.kernel.org, linux-raid@vger.kernel.org,
	linux-fsdevel@vger.kernel.org, linux-api@vger.kernel.org
Subject: [PATCH 12/21] init: add an init_chroot helper
Date: Sun, 26 Jul 2020 09:13:47 +0200	[thread overview]
Message-ID: <20200726071356.287160-13-hch@lst.de> (raw)
In-Reply-To: <20200726071356.287160-1-hch@lst.de>

Add a simple helper to chroot with a kernel space file name and switch
the early init code over to it.  Remove the now unused ksys_chroot.

Signed-off-by: Christoph Hellwig <hch@lst.de>
---
 drivers/base/devtmpfs.c       |  2 +-
 fs/for_init.c                 | 24 ++++++++++++++++++++++++
 fs/open.c                     |  7 +------
 include/linux/init_syscalls.h |  1 +
 include/linux/syscalls.h      |  2 --
 init/do_mounts.c              |  2 +-
 init/do_mounts_initrd.c       |  4 ++--
 7 files changed, 30 insertions(+), 12 deletions(-)

diff --git a/drivers/base/devtmpfs.c b/drivers/base/devtmpfs.c
index bc2cfe10018cd5..36e81b52368650 100644
--- a/drivers/base/devtmpfs.c
+++ b/drivers/base/devtmpfs.c
@@ -413,7 +413,7 @@ static int __init devtmpfs_setup(void *p)
 	if (err)
 		goto out;
 	init_chdir("/.."); /* will traverse into overmounted root */
-	ksys_chroot(".");
+	init_chroot(".");
 out:
 	*(int *)p = err;
 	complete(&setup_done);
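Review bot: The result of `init_chroot(".")` is discarded here, so the `err` stored through `*(int *)p` after `out:` still reports success when the root switch did not happen. The helper added in fs/for_init.c can fail on the path lookup, on `inode_permission`, on the `CAP_SYS_CHROOT` test and on `security_path_chroot`, and in each case the thread silently keeps its previous root. Assigning the result, `err = init_chroot(".");`, would propagate the failure to whoever reads `*p`. The same unchecked call appears in `prepare_namespace`, `init_linuxrc` and `handle_initrd`, where a `pr_warn` on a non-zero return would at least make a failed root switch visible. `devtmpfs_setup` begins outside this hunk, so this reading rests on the visible tail only.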
diff --git a/fs/for_init.c b/fs/for_init.c
index e5d907d4b98aac..2d5428b7dc1420 100644
--- a/fs/for_init.c
+++ b/fs/for_init.c
@@ -5,6 +5,7 @@
 #include <linux/fs.h>
 #include <linux/fs_struct.h>
 #include <linux/init_syscalls.h>
+#include <linux/security.h>
 #include "internal.h"
 
 int __init init_mount(const char *dev_name, const char *dir_name,
@@ -50,6 +51,29 @@ int __init init_chdir(const char *filename)
 	return error;
 }
 
+int __init init_chroot(const char *filename)
+{
+	struct path path;
+	int error;
+
+	error = kern_path(filename, LOOKUP_FOLLOW | LOOKUP_DIRECTORY, &path);
+	if (error)
+		return error;
+	error = inode_permission(path.dentry->d_inode, MAY_EXEC | MAY_CHDIR);
+	if (error)
+		goto dput_and_out;
+	error = -EPERM;
+	if (!ns_capable(current_user_ns(), CAP_SYS_CHROOT))
+		goto dput_and_out;
+	error = security_path_chroot(&path);
+	if (error)
+		goto dput_and_out;
+	set_fs_root(current->fs, &path);
+dput_and_out:
+	path_put(&path);
+	return error;
+}
+
 int __init init_unlink(const char *pathname)
 {
 	return do_unlinkat(AT_FDCWD, getname_kernel(pathname));
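Review bot: `init_chroot` has no comment, although it repeats a security-relevant check sequence: `inode_permission` with `MAY_EXEC | MAY_CHDIR`, the `ns_capable(current_user_ns(), CAP_SYS_CHROOT)` test and the `security_path_chroot` LSM hook. That sequence presumably mirrors the `chroot` syscall body in fs/open.c, which is only partly visible in this patch. A short header comment would help keep the two copies from drifting when a check is added to one of them, for example `/* Kernel-pointer variant of chroot(2); keep the permission, capability and LSM checks in sync with fs/open.c. */`. The comment should also say that the function returns 0 or a negative errno and leaves the root unchanged on failure, since `set_fs_root` is reached only after all three checks pass. The label `dput_and_out` guards a `path_put`, so a name such as `out_put` would describe it better.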
diff --git a/fs/open.c b/fs/open.c
index 723e0ac898935e..f62f4752bb436d 100644
--- a/fs/open.c
+++ b/fs/open.c
@@ -530,7 +530,7 @@ SYSCALL_DEFINE1(fchdir, unsigned int, fd)
 	return error;
 }
 
-int ksys_chroot(const char __user *filename)
+SYSCALL_DEFINE1(chroot, const char __user *, filename)
 {
 	struct path path;
 	int error;
@@ -563,11 +563,6 @@ int ksys_chroot(const char __user *filename)
 	return error;
 }
 
-SYSCALL_DEFINE1(chroot, const char __user *, filename)
-{
-	return ksys_chroot(filename);
-}
-
 static int chmod_common(const struct path *path, umode_t mode)
 {
 	struct inode *inode = path->dentry->d_inode;
diff --git a/include/linux/init_syscalls.h b/include/linux/init_syscalls.h
index 1e845910ae56e9..e07099a14b91db 100644
--- a/include/linux/init_syscalls.h
+++ b/include/linux/init_syscalls.h
@@ -4,5 +4,6 @@ int __init init_mount(const char *dev_name, const char *dir_name,
 		const char *type_page, unsigned long flags, void *data_page);
 int __init init_umount(const char *name, int flags);
 int __init init_chdir(const char *filename);
+int __init init_chroot(const char *filename);
 int __init init_unlink(const char *pathname);
 int __init init_rmdir(const char *pathname);
diff --git a/include/linux/syscalls.h b/include/linux/syscalls.h
index 31fa67fb9894b3..e89d62e944dc0e 100644
--- a/include/linux/syscalls.h
+++ b/include/linux/syscalls.h
@@ -1235,8 +1235,6 @@ asmlinkage long sys_ni_syscall(void);
  * Instead, use one of the functions which work equivalently, such as
  * the ksys_xyzyyz() functions prototyped below.
  */
-
-int ksys_chroot(const char __user *filename);
 ssize_t ksys_write(unsigned int fd, const char __user *buf, size_t count);
 int ksys_fchown(unsigned int fd, uid_t user, gid_t group);
 ssize_t ksys_read(unsigned int fd, char __user *buf, size_t count);
diff --git a/init/do_mounts.c b/init/do_mounts.c
index cc08ed7b44e764..c8ccdc80ffcdd5 100644
--- a/init/do_mounts.c
+++ b/init/do_mounts.c
@@ -629,7 +629,7 @@ void __init prepare_namespace(void)
 out:
 	devtmpfs_mount();
 	init_mount(".", "/", NULL, MS_MOVE, NULL);
-	ksys_chroot(".");
+	init_chroot(".");
 }
 
 static bool is_tmpfs;
diff --git a/init/do_mounts_initrd.c b/init/do_mounts_initrd.c
index 04627fd22a921f..a6b447b191dbc8 100644
--- a/init/do_mounts_initrd.c
+++ b/init/do_mounts_initrd.c
@@ -63,7 +63,7 @@ static int __init init_linuxrc(struct subprocess_info *info, struct cred *new)
 	/* move initrd over / and chdir/chroot in initrd root */
 	init_chdir("/root");
 	init_mount(".", "/", NULL, MS_MOVE, NULL);
-	ksys_chroot(".");
+	init_chroot(".");
 	ksys_setsid();
 	return 0;
 }
@@ -101,7 +101,7 @@ static void __init handle_initrd(void)
 	/* move initrd to rootfs' /old */
 	init_mount("..", ".", NULL, MS_MOVE, NULL);
 	/* switch root and cwd back to / of rootfs */
-	ksys_chroot("..");
+	init_chroot("..");
 
 	if (new_decode_dev(real_root_dev) == Root_RAM0) {
 		init_chdir("/old");
-- 
2.27.0
