From patchwork Mon Mar 9 14:00:12 2015 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: David Drysdale X-Patchwork-Id: 5967601 Return-Path: X-Original-To: patchwork-fstests@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork1.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.136]) by patchwork1.web.kernel.org (Postfix) with ESMTP id B44669F318 for ; Mon, 9 Mar 2015 14:01:56 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id 0BE45202B8 for ; Mon, 9 Mar 2015 14:01:52 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id F195920351 for ; Mon, 9 Mar 2015 14:01:46 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932072AbbCIOB3 (ORCPT ); Mon, 9 Mar 2015 10:01:29 -0400 Received: from mail-we0-f171.google.com ([74.125.82.171]:42445 "EHLO mail-we0-f171.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932264AbbCIOAg (ORCPT ); Mon, 9 Mar 2015 10:00:36 -0400 Received: by wesq59 with SMTP id q59so18013582wes.9 for ; Mon, 09 Mar 2015 07:00:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=4J6M5+8ooC89KYbLlpiE2CtBVWp/6oO0vHefC/i1hko=; b=A8g1SC49aKcK7dSgURkWBfsdRBd+fH9IdkuCT6/x6+XQt4TBYaZuFS4XkyEPaiK9zs y2JHCf/QdMJnHKCBni+ETnOI4/PnxTUWJXFrpY4QdKOfLt59KQUvYN8+gDeRF/3ugFmd SEBkG+LaPXbyhTAcKRnN1ROdGzc56T2qPau/aLislKlpoG+tsG8zIvbESfiC9hU2ppWy sAVByx+3QiIVVuTxmL5UbKbrHKMGz/AZxaDTJZP9woWkZeGxGOHGllp+Hw9YXx52DwL3 OGC7N1X1SJNMsOttFqgzBmlTkG6YSlX0kTkOYT4BVZYdZXzh684fwIwSpHPl4w2Vu/f2 yeew== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=4J6M5+8ooC89KYbLlpiE2CtBVWp/6oO0vHefC/i1hko=; b=SC1sN24wuYJSB2UOjzIsXEivePPZGVUREkZ5w33cKLLKmhlDXcPDpuyQrDxd7RWlT6 2WC+t6rD9SE5MbrUksk3uJjbueFzE9NgGryjBMuU+eVlJJEvoZq1Wlh84Dqlpqd3QAhR INPogLu7CP4QXUIhOD2+EsUqJLPhq8sRUQbcZ/D/cwGq2EPXRpkk3WzsZ1+19MYsebQh gujtyrbsmBEBe1SZx2crUwmAZcBPo5yyIIpyCXoNFcjeOT3mGcyD7GLgscdGRoEfK9np z9yXqMUhExURekR5acE1Fqr9XFzf5cNVgr4gidn6Fjab0RBGaztaTyp6nh/1Iw5M5Cbm OQSQ== X-Gm-Message-State: ALoCoQkyYTHWDrMMJ2uYbcqdnmZl2DGa4CEG/GpNUnT/G4rnLrqFZIx4iU65c5dLeO1IuSldJR8P X-Received: by 10.194.71.175 with SMTP id w15mr56313652wju.16.1425909634562; Mon, 09 Mar 2015 07:00:34 -0700 (PDT) Received: from drysdale.lon.corp.google.com ([172.16.93.227]) by mx.google.com with ESMTPSA id dj5sm28389959wjb.28.2015.03.09.07.00.32 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 09 Mar 2015 07:00:33 -0700 (PDT) From: David Drysdale To: linux-kernel@vger.kernel.org, Alexander Viro , Kees Cook , "Eric W. Biederman" Cc: Greg Kroah-Hartman , Meredydd Luff , Will Drewry , Jorge Lucangeli Obes , Ricky Zhou , Lee Campbell , Julien Tinnes , Mike Depinet , James Morris , Andy Lutomirski , Paolo Bonzini , Paul Moore , Christoph Hellwig , Michael Kerrisk , linux-api@vger.kernel.org, linux-security-module@vger.kernel.org, fstests@vger.kernel.org, David Drysdale Subject: [PATCHv3 man-pages 3/3] open.2: describe O_BENEATH flag Date: Mon, 9 Mar 2015 14:00:12 +0000 Message-Id: <1425909612-28034-4-git-send-email-drysdale@google.com> X-Mailer: git-send-email 2.2.0.rc0.207.ga3a616c In-Reply-To: <1425909612-28034-1-git-send-email-drysdale@google.com> References: <1425909612-28034-1-git-send-email-drysdale@google.com> Sender: fstests-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: fstests@vger.kernel.org X-Spam-Status: No, score=-6.8 required=5.0 tests=BAYES_00, DKIM_ADSP_CUSTOM_MED, DKIM_SIGNED,RCVD_IN_DNSWL_HI,T_DKIM_INVALID,T_RP_MATCHES_RCVD, UNPARSEABLE_RELAY autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP Signed-off-by: David Drysdale --- man2/open.2 | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) -- 2.2.0.rc0.207.ga3a616c -- To unsubscribe from this list: send the line "unsubscribe fstests" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/man2/open.2 b/man2/open.2 index 956531b24b26..be40dd7710df 100644 --- a/man2/open.2 +++ b/man2/open.2 @@ -716,6 +716,31 @@ XFS support was added .\" commit ab29743117f9f4c22ac44c13c1647fb24fb2bafe in Linux 3.15. .TP +.B O_BENEATH " (since Linux 3.??)" +Ensure that the +.I pathname +is beneath the current working directory (for +.BR open (2)) +or the +.I dirfd +(for +.BR openat (2)). +If the +.I pathname +is absolute or contains a path component of "..", the +.BR open () +fails with the error +.BR EPERM. +This occurs even if ".." path component would not actually +escape the original directory; for example, a +.I pathname +of "subdir/../filename" would be rejected. +Path components that are symbolic links to absolute paths, or that are +relative paths containing a ".." component, will also cause the +.BR open () +operation to fail with the error +.BR EPERM. +.TP .B O_TRUNC If the file already exists and is a regular file and the access mode allows writing (i.e., is @@ -984,6 +1009,13 @@ did not match the owner of the file and the caller was not privileged The operation was prevented by a file seal; see .BR fcntl (2). .TP +.B EPERM +The +.B O_BENEATH +flag was specified and the +.I pathname +was not beneath the relevant directory. +.TP .B EROFS .I pathname refers to a file on a read-only filesystem and write access was