mbox series

[v2,0/7] Allow to choose symlink and socket type

Message ID 20241012085252.560-1-pali@kernel.org (mailing list archive)
Headers show
Series Allow to choose symlink and socket type | expand

Message

Pali Rohár Oct. 12, 2024, 8:52 a.m. UTC
This patch series improves choosing reparse format when creating new
special files.

Changes since v1:
* Instead of new -o reparse= mount option is now a new -o symlink= mount
  option for choosing symlink type during creation, and new option
  -o nonativesocket for choosing socket type

Pali Rohár (7):
  cifs: Add mount option -o symlink= for choosing symlink create type
  cifs: Add mount option -o reparse=none
  cifs: Add support for creating native Windows sockets
  cifs: Add support for creating NFS-style symlinks
  cifs: Improve guard for excluding $LXDEV xattr
  cifs: Add support for creating WSL-style symlinks
  cifs: Validate content of WSL reparse point buffers

 fs/smb/client/cifsfs.c     |   4 +
 fs/smb/client/cifsglob.h   |  36 +++++++
 fs/smb/client/connect.c    |   4 +
 fs/smb/client/fs_context.c |  82 +++++++++++++++
 fs/smb/client/fs_context.h |  19 ++++
 fs/smb/client/link.c       |  60 ++++++++---
 fs/smb/client/reparse.c    | 201 +++++++++++++++++++++++++++++++------
 fs/smb/client/reparse.h    |   2 +
 8 files changed, 364 insertions(+), 44 deletions(-)

Comments

Steve French Oct. 13, 2024, 4:19 a.m. UTC | #1
after doing more experiments with native windows symlinks (and how
difficult it is to get permission to set them over the wire to
Windows), was wondering if we should allow fall back strategy if
creating windows style symlinks fails with STATUS_PRIVILEGE_NOT_HELD
then we should try NFS reparse point symlink.  Any opinions?

On Sat, Oct 12, 2024 at 3:53 AM Pali Rohár <pali@kernel.org> wrote:
>
> This patch series improves choosing reparse format when creating new
> special files.
>
> Changes since v1:
> * Instead of new -o reparse= mount option is now a new -o symlink= mount
>   option for choosing symlink type during creation, and new option
>   -o nonativesocket for choosing socket type
>
> Pali Rohár (7):
>   cifs: Add mount option -o symlink= for choosing symlink create type
>   cifs: Add mount option -o reparse=none
>   cifs: Add support for creating native Windows sockets
>   cifs: Add support for creating NFS-style symlinks
>   cifs: Improve guard for excluding $LXDEV xattr
>   cifs: Add support for creating WSL-style symlinks
>   cifs: Validate content of WSL reparse point buffers
>
>  fs/smb/client/cifsfs.c     |   4 +
>  fs/smb/client/cifsglob.h   |  36 +++++++
>  fs/smb/client/connect.c    |   4 +
>  fs/smb/client/fs_context.c |  82 +++++++++++++++
>  fs/smb/client/fs_context.h |  19 ++++
>  fs/smb/client/link.c       |  60 ++++++++---
>  fs/smb/client/reparse.c    | 201 +++++++++++++++++++++++++++++++------
>  fs/smb/client/reparse.h    |   2 +
>  8 files changed, 364 insertions(+), 44 deletions(-)
>
> --
> 2.20.1
>
>
Pali Rohár Oct. 13, 2024, 8:59 a.m. UTC | #2
Well, if server explicitly disallow user to create symlink due to
missing permissions, I am not sure if it is a good idea to obey it by
creating symlink in format unsupported by the server...

On Saturday 12 October 2024 23:18:13 Steve French wrote:
> after doing more experiments with native windows symlinks (and how
> difficult it is to get permission to set them over the wire to Windows),
> was wondering if we should allow fall back strategy if creating windows
> style symlinks fails with STATUS_PRIVILEGE_NOT_HELD then we should try NFS
> reparse point symlink.  Any opinions?
> 
> On Sat, Oct 12, 2024 at 3:53 AM Pali Rohár <pali@kernel.org> wrote:
> 
> > This patch series improves choosing reparse format when creating new
> > special files.
> >
> > Changes since v1:
> > * Instead of new -o reparse= mount option is now a new -o symlink= mount
> >   option for choosing symlink type during creation, and new option
> >   -o nonativesocket for choosing socket type
> >
> > Pali Rohár (7):
> >   cifs: Add mount option -o symlink= for choosing symlink create type
> >   cifs: Add mount option -o reparse=none
> >   cifs: Add support for creating native Windows sockets
> >   cifs: Add support for creating NFS-style symlinks
> >   cifs: Improve guard for excluding $LXDEV xattr
> >   cifs: Add support for creating WSL-style symlinks
> >   cifs: Validate content of WSL reparse point buffers
> >
> >  fs/smb/client/cifsfs.c     |   4 +
> >  fs/smb/client/cifsglob.h   |  36 +++++++
> >  fs/smb/client/connect.c    |   4 +
> >  fs/smb/client/fs_context.c |  82 +++++++++++++++
> >  fs/smb/client/fs_context.h |  19 ++++
> >  fs/smb/client/link.c       |  60 ++++++++---
> >  fs/smb/client/reparse.c    | 201 +++++++++++++++++++++++++++++++------
> >  fs/smb/client/reparse.h    |   2 +
> >  8 files changed, 364 insertions(+), 44 deletions(-)
> >
> > --
> > 2.20.1
> >
> >
> >
> 
> -- 
> Thanks,
> 
> Steve
Pali Rohár Oct. 13, 2024, 1:38 p.m. UTC | #3
Anyway, I think that the create symlink privilege is needed to create
any reparse point, so fallback to NFS reparse point would not help.

On Saturday 12 October 2024 23:18:13 Steve French wrote:
> after doing more experiments with native windows symlinks (and how
> difficult it is to get permission to set them over the wire to Windows),
> was wondering if we should allow fall back strategy if creating windows
> style symlinks fails with STATUS_PRIVILEGE_NOT_HELD then we should try NFS
> reparse point symlink.  Any opinions?
> 
> On Sat, Oct 12, 2024 at 3:53 AM Pali Rohár <pali@kernel.org> wrote:
> 
> > This patch series improves choosing reparse format when creating new
> > special files.
> >
> > Changes since v1:
> > * Instead of new -o reparse= mount option is now a new -o symlink= mount
> >   option for choosing symlink type during creation, and new option
> >   -o nonativesocket for choosing socket type
> >
> > Pali Rohár (7):
> >   cifs: Add mount option -o symlink= for choosing symlink create type
> >   cifs: Add mount option -o reparse=none
> >   cifs: Add support for creating native Windows sockets
> >   cifs: Add support for creating NFS-style symlinks
> >   cifs: Improve guard for excluding $LXDEV xattr
> >   cifs: Add support for creating WSL-style symlinks
> >   cifs: Validate content of WSL reparse point buffers
> >
> >  fs/smb/client/cifsfs.c     |   4 +
> >  fs/smb/client/cifsglob.h   |  36 +++++++
> >  fs/smb/client/connect.c    |   4 +
> >  fs/smb/client/fs_context.c |  82 +++++++++++++++
> >  fs/smb/client/fs_context.h |  19 ++++
> >  fs/smb/client/link.c       |  60 ++++++++---
> >  fs/smb/client/reparse.c    | 201 +++++++++++++++++++++++++++++++------
> >  fs/smb/client/reparse.h    |   2 +
> >  8 files changed, 364 insertions(+), 44 deletions(-)
> >
> > --
> > 2.20.1
> >
> >
> >
> 
> -- 
> Thanks,
> 
> Steve
Pali Rohár Oct. 14, 2024, 9:32 a.m. UTC | #4
Now I found this statement in FSCTL_SET_REPARSE_POINT documentation:
https://learn.microsoft.com/en-us/windows/win32/api/winioctl/ni-winioctl-fsctl_set_reparse_point

  "FSCTL_SET_REPARSE_POINT IOCTL - Sets a reparse point on a file or directory."
  "The calling process must have the SE_CREATE_SYMBOLIC_LINK_NAME privilege."

On Sunday 13 October 2024 15:38:27 Pali Rohár wrote:
> Anyway, I think that the create symlink privilege is needed to create
> any reparse point, so fallback to NFS reparse point would not help.
> 
> On Saturday 12 October 2024 23:18:13 Steve French wrote:
> > after doing more experiments with native windows symlinks (and how
> > difficult it is to get permission to set them over the wire to Windows),
> > was wondering if we should allow fall back strategy if creating windows
> > style symlinks fails with STATUS_PRIVILEGE_NOT_HELD then we should try NFS
> > reparse point symlink.  Any opinions?
> > 
> > On Sat, Oct 12, 2024 at 3:53 AM Pali Rohár <pali@kernel.org> wrote:
> > 
> > > This patch series improves choosing reparse format when creating new
> > > special files.
> > >
> > > Changes since v1:
> > > * Instead of new -o reparse= mount option is now a new -o symlink= mount
> > >   option for choosing symlink type during creation, and new option
> > >   -o nonativesocket for choosing socket type
> > >
> > > Pali Rohár (7):
> > >   cifs: Add mount option -o symlink= for choosing symlink create type
> > >   cifs: Add mount option -o reparse=none
> > >   cifs: Add support for creating native Windows sockets
> > >   cifs: Add support for creating NFS-style symlinks
> > >   cifs: Improve guard for excluding $LXDEV xattr
> > >   cifs: Add support for creating WSL-style symlinks
> > >   cifs: Validate content of WSL reparse point buffers
> > >
> > >  fs/smb/client/cifsfs.c     |   4 +
> > >  fs/smb/client/cifsglob.h   |  36 +++++++
> > >  fs/smb/client/connect.c    |   4 +
> > >  fs/smb/client/fs_context.c |  82 +++++++++++++++
> > >  fs/smb/client/fs_context.h |  19 ++++
> > >  fs/smb/client/link.c       |  60 ++++++++---
> > >  fs/smb/client/reparse.c    | 201 +++++++++++++++++++++++++++++++------
> > >  fs/smb/client/reparse.h    |   2 +
> > >  8 files changed, 364 insertions(+), 44 deletions(-)
> > >
> > > --
> > > 2.20.1
> > >
> > >
> > >
> > 
> > -- 
> > Thanks,
> > 
> > Steve
Pali Rohár Oct. 28, 2024, 10:13 a.m. UTC | #5
Any opinion about this v2? Is it better now?

On Saturday 12 October 2024 10:52:45 Pali Rohár wrote:
> This patch series improves choosing reparse format when creating new
> special files.
> 
> Changes since v1:
> * Instead of new -o reparse= mount option is now a new -o symlink= mount
>   option for choosing symlink type during creation, and new option
>   -o nonativesocket for choosing socket type
> 
> Pali Rohár (7):
>   cifs: Add mount option -o symlink= for choosing symlink create type
>   cifs: Add mount option -o reparse=none
>   cifs: Add support for creating native Windows sockets
>   cifs: Add support for creating NFS-style symlinks
>   cifs: Improve guard for excluding $LXDEV xattr
>   cifs: Add support for creating WSL-style symlinks
>   cifs: Validate content of WSL reparse point buffers
> 
>  fs/smb/client/cifsfs.c     |   4 +
>  fs/smb/client/cifsglob.h   |  36 +++++++
>  fs/smb/client/connect.c    |   4 +
>  fs/smb/client/fs_context.c |  82 +++++++++++++++
>  fs/smb/client/fs_context.h |  19 ++++
>  fs/smb/client/link.c       |  60 ++++++++---
>  fs/smb/client/reparse.c    | 201 +++++++++++++++++++++++++++++++------
>  fs/smb/client/reparse.h    |   2 +
>  8 files changed, 364 insertions(+), 44 deletions(-)
> 
> -- 
> 2.20.1
>