From: Dominique Martinet <asmadeus@codewreck.org>
To: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Cc: Christian Schoenebeck <linux_oss@crudebyte.com>,
	Eric Van Hensbergen <ericvh@gmail.com>,
	Latchesar Ionkov <lucho@ionkov.net>,
	syzbot <syzbot+8b41a1365f1106fd0f33@syzkaller.appspotmail.com>,
	v9fs-developer@lists.sourceforge.net,
	syzkaller-bugs@googlegroups.com, netdev@vger.kernel.org,
	linux-fsdevel <linux-fsdevel@vger.kernel.org>
Subject: Re: [PATCH v2] 9p/trans_fd: perform read/write with TIF_SIGPENDING set
Date: Fri, 7 Oct 2022 10:40:27 +0900
Message-ID: <Yz+Di8tJiyPPJUaK@codewreck.org>
In-Reply-To: <38d892bd-8ace-c4e9-9d73-777d3828acbc@I-love.SAKURA.ne.jp>

Tetsuo Handa wrote on Sun, Sep 04, 2022 at 09:27:22AM +0900:
> On 2022/09/04 8:39, Dominique Martinet wrote:
> > Is there any reason you spent time working on v2, or is that just
> > theoretical for not messing with userland fd ?
> 
> Just theoretical for not messing with userland fd, for programs generated
> by fuzzers might use fds passed to the mount() syscall. I imagined that
> syzbot again reports this problem when it started playing with fcntl().
> 
> For robustness, not messing with userland fd is better. ;-)

By the way, digging this back up made me think about this a bit again.
My opinion hasn't really changed that if you want to shoot yourself in
the foot I don't think we're crossing any privilege boundary here, but
we could probably prevent it by saying the mount call will close that fd
and somehow steal it? (drop the fget, close_fd after get_file perhaps?)

That should address your concern about robustness and syzbot will no
longer be able to play with fcntl on "our" end of the pipe. I think it's
fair to say that once you pass it to the kernel all bets are off, so
closing it for the userspace application could make sense, and the mount
already survives when short processes do the mount call and immediately
exit so it's not like we need that fd to be open...
What do you think?

(either way would be for 6.2, the patch is already good enough as is for
me)
--
Dominique
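The "steal the fd" idea above (take the kernel's own reference to the open file, then close the caller's descriptor number) can be modelled in userspace, where dup() plays the role of get_file() and close() the role of close_fd(). The following program is an added illustration, not code from this thread or from the 9p driver; the function names steal_fd, demo_shared_flags and demo_steal are assumptions of the example. The first demo shows the current situation: while the caller keeps its descriptor, an fcntl(F_SETFL) on it changes flags the subsystem's reference sees too, because both numbers share one open file description. The second demo shows the proposed behaviour: after stealing, the caller's number yields EBADF, while the subsystem's reference still reads the pipe.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Example "subsystem" taking ownership of a caller's fd (hypothetical helper).
 * dup() models get_file(): a second reference to the same open file.
 * close(user_fd) models close_fd(): the caller's number is released.
 * Returns 0 and stores the private fd in *owned, or -errno on failure. */
static int steal_fd(int user_fd, int *owned)
{
	int priv = dup(user_fd);
	if (priv < 0)
		return -errno;
	if (close(user_fd) < 0) {
		int err = errno;
		close(priv);
		return -err;
	}
	*owned = priv;
	return 0;
}

/* Current situation: the subsystem only dups the fd and the caller keeps it.
 * Setting O_NONBLOCK through the caller's number is visible on the
 * subsystem's reference (shared open file description).
 * Returns 1 when the flag change leaked through, 0 otherwise. */
static int demo_shared_flags(void)
{
	int p[2];
	if (pipe(p) < 0)
		return 0;
	int user_fd = p[0];
	int priv = dup(user_fd);            /* like get_file() without close_fd() */
	if (priv < 0)
		return 0;
	int before = fcntl(priv, F_GETFL);
	if (before < 0 || fcntl(user_fd, F_SETFL, before | O_NONBLOCK) < 0)
		return 0;
	int after = fcntl(priv, F_GETFL);
	int leaked = (before & O_NONBLOCK) == 0 && (after & O_NONBLOCK) != 0;
	close(priv);
	close(p[0]);
	close(p[1]);
	return leaked;
}

/* Proposed behaviour: the caller's descriptor number is gone (EBADF), yet the
 * subsystem's reference still reads the data queued in the pipe.
 * Returns 1 when both properties hold, 0 otherwise. */
static int demo_steal(void)
{
	int p[2], owned;
	char buf[8];
	if (pipe(p) < 0)
		return 0;
	int user_fd = p[0];
	if (write(p[1], "hi", 2) != 2)
		return 0;
	if (steal_fd(user_fd, &owned) != 0)
		return 0;
	int fl = fcntl(user_fd, F_GETFL);   /* caller's number is now invalid */
	int gone = (fl < 0 && errno == EBADF);
	ssize_t n = read(owned, buf, sizeof buf);
	int ok = gone && n == 2 && memcmp(buf, "hi", 2) == 0;
	close(owned);
	close(p[1]);
	return ok;
}

int main(void)
{
	printf("flags leak while caller keeps fd: %s\n",
	       demo_shared_flags() ? "yes" : "no");
	printf("stolen fd: caller EBADF and subsystem still reads: %s\n",
	       demo_steal() ? "yes" : "no");
	return 0;
}
```

One caveat the model makes visible: closing the caller's number only removes that one descriptor. Any other descriptor that still refers to the same open file description (an earlier dup, or a copy inherited by another process) can still change the shared file status flags with fcntl, so "stealing" the fd narrows the window rather than closing it entirely.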
