From patchwork Fri Apr  3 01:56:13 2015
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: "Eric W. Biederman" <ebiederm@xmission.com>
X-Patchwork-Id: 6153201
Return-Path: <linux-fsdevel-owner@kernel.org>
X-Original-To: patchwork-linux-fsdevel@patchwork.kernel.org
Delivered-To: patchwork-parsemail@patchwork2.web.kernel.org
Received: from mail.kernel.org (mail.kernel.org [198.145.29.136])
	by patchwork2.web.kernel.org (Postfix) with ESMTP id 39BB8BF4A6
	for <patchwork-linux-fsdevel@patchwork.kernel.org>;
	Fri,  3 Apr 2015 02:00:47 +0000 (UTC)
Received: from mail.kernel.org (localhost [127.0.0.1])
	by mail.kernel.org (Postfix) with ESMTP id 58C6320379
	for <patchwork-linux-fsdevel@patchwork.kernel.org>;
	Fri,  3 Apr 2015 02:00:46 +0000 (UTC)
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.kernel.org (Postfix) with ESMTP id 6A16F2035E
	for <patchwork-linux-fsdevel@patchwork.kernel.org>;
	Fri,  3 Apr 2015 02:00:45 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1753346AbbDCCAo (ORCPT
	<rfc822;patchwork-linux-fsdevel@patchwork.kernel.org>);
	Thu, 2 Apr 2015 22:00:44 -0400
Received: from out02.mta.xmission.com ([166.70.13.232]:56007 "EHLO
	out02.mta.xmission.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1753264AbbDCCAn (ORCPT
	<rfc822;linux-fsdevel@vger.kernel.org>);
	Thu, 2 Apr 2015 22:00:43 -0400
Received: from in01.mta.xmission.com ([166.70.13.51])
	by out02.mta.xmission.com with esmtps
	(TLS1.2:DHE_RSA_AES_128_CBC_SHA1:128) (Exim 4.82)
	(envelope-from <ebiederm@xmission.com>)
	id 1YdquY-00027D-3V; Thu, 02 Apr 2015 20:00:42 -0600
Received: from 70-59-163-10.omah.qwest.net ([70.59.163.10]
	helo=x220.int.ebiederm.org) by in01.mta.xmission.com with esmtpsa
	(TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256) (Exim 4.82)
	(envelope-from <ebiederm@xmission.com>)
	id 1YdquX-0003Lp-Fw; Thu, 02 Apr 2015 20:00:41 -0600
From: "Eric W. Biederman" <ebiederm@xmission.com>
To: Linux Containers <containers@lists.linux-foundation.org>
Cc: <linux-fsdevel@vger.kernel.org>, "Serge E. Hallyn" <serge@hallyn.com>,
	Andy Lutomirski <luto@amacapital.net>,
	Richard Weinberger <richard@nod.at>, Andrey Vagin <avagin@openvz.org>,
	Al Viro <viro@ZenIV.linux.org.uk>, Jann Horn <jann@thejh.net>,
	Willy Tarreau <w@1wt.eu>, Omar Sandoval <osandov@osandov.com>
Date: Thu,  2 Apr 2015 20:56:13 -0500
Message-Id: <1428026183-14879-9-git-send-email-ebiederm@xmission.com>
X-Mailer: git-send-email 2.2.1
In-Reply-To: <87a8yqou41.fsf_-_@x220.int.ebiederm.org>
References: <87a8yqou41.fsf_-_@x220.int.ebiederm.org>
X-XM-AID: U2FsdGVkX1/8Kru2mISi/th7FptSaHdcwcRK4jkRl60=
X-SA-Exim-Connect-IP: 70.59.163.10
X-SA-Exim-Mail-From: ebiederm@xmission.com
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org
X-Spam-Level: 
X-Spam-Status: No, score=-6.9 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_HI,
	T_RP_MATCHES_RCVD,
	UNPARSEABLE_RELAY autolearn=ham version=3.3.1
X-Spam-DCC: XMission; sa07 1397; Body=1 Fuz1=1 Fuz2=1 
X-Spam-Combo: ;Linux Containers <containers@lists.linux-foundation.org>
X-Spam-Relay-Country: 
X-Spam-Timing: total 229 ms - load_scoreonly_sql: 0.09 (0.0%),
	signal_user_changed: 4.1 (1.8%), b_tie_ro: 2.8 (1.2%),
	parse: 0.81 (0.4%),
	extract_message_metadata: 12 (5.0%), get_uri_detail_list: 1.06 (0.5%),
	tests_pri_-1000: 6 (2.7%), tests_pri_-950: 1.32 (0.6%),
	tests_pri_-900: 1.09
	(0.5%), tests_pri_-400: 18 (7.8%), check_bayes: 17 (7.3%),
	b_tokenize: 4.9
	(2.1%), b_tok_get_all: 6 (2.5%), b_comp_prob: 1.59 (0.7%),
	b_tok_touch_all:
	2.5 (1.1%), b_finish: 0.64 (0.3%), tests_pri_0: 178 (77.7%),
	tests_pri_500: 5 (2.2%), rewrite_mail: 0.00 (0.0%)
Subject: [PATCH review 09/19] mnt: Fail collect_mounts when applied to
	unmounted mounts
X-SA-Exim-Version: 4.2.1 (built Wed, 24 Sep 2014 11:00:52 -0600)
X-SA-Exim-Scanned: Yes (on in01.mta.xmission.com)
Sender: linux-fsdevel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-fsdevel.vger.kernel.org>
X-Mailing-List: linux-fsdevel@vger.kernel.org
X-Virus-Scanned: ClamAV using ClamSMTP

The only users of collect_mounts are in audit_tree.c

In audit_tree_trees and audit_add_tree rule the path passed into
collect_mounts is generated from kern_path passed an audit_tree
pathname which is guaranteed to be an absolute path.   In those cases
collect_mounts is obviously intended to work on mounted paths and
if a race results in paths that are unmounted when collect_mounts
it is reasonable to fail early.

The paths passed into audit_tag_tree don't have the absolute path
check.  But are used to play with fsnotify and otherwise interact with
the audit_trees, so again operating only on mounted paths appears
reasonable.

Avoid having to worry about what happens when we try and audit
unmounted filesystems by restricting collect_mounts to mounts
that appear in the mount tree.

Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
---
 fs/namespace.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/fs/namespace.c b/fs/namespace.c
index 2b12b7a9455d..acc5583764dc 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -1669,8 +1669,11 @@ struct vfsmount *collect_mounts(struct path *path)
 {
 	struct mount *tree;
 	namespace_lock();
-	tree = copy_tree(real_mount(path->mnt), path->dentry,
-			 CL_COPY_ALL | CL_PRIVATE);
+	if (!check_mnt(real_mount(path->mnt)))
+		tree = ERR_PTR(-EINVAL);
+	else
+		tree = copy_tree(real_mount(path->mnt), path->dentry,
+				 CL_COPY_ALL | CL_PRIVATE);
 	namespace_unlock();
 	if (IS_ERR(tree))
 		return ERR_CAST(tree);