git: 5c325977b113 - main - cache: add missing MNT_NOSYMFOLLOW check to symlink traversal

Mateusz Guzik mjg at FreeBSD.org
Wed Jan 27 15:13:43 UTC 2021


The branch main has been updated by mjg:

URL: https://cgit.FreeBSD.org/src/commit/?id=5c325977b1138828367f39a3f2034af24c3654f0

commit 5c325977b1138828367f39a3f2034af24c3654f0
Author:     Mateusz Guzik <mjg at FreeBSD.org>
AuthorDate: 2021-01-27 14:59:53 +0000
Commit:     Mateusz Guzik <mjg at FreeBSD.org>
CommitDate: 2021-01-27 15:08:38 +0000

    cache: add missing MNT_NOSYMFOLLOW check to symlink traversal
---
 sys/kern/vfs_cache.c | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/sys/kern/vfs_cache.c b/sys/kern/vfs_cache.c
index be06a2edc58b..ff8aad14001b 100644
--- a/sys/kern/vfs_cache.c
+++ b/sys/kern/vfs_cache.c
@@ -4816,6 +4816,7 @@ cache_symlink_resolve(struct cache_fpl *fpl, const char *string, size_t len)
 static int __noinline
 cache_fplookup_symlink(struct cache_fpl *fpl)
 {
+	struct mount *mp;
 	struct nameidata *ndp;
 	struct componentname *cnp;
 	struct vnode *dvp, *tvp;
@@ -4832,6 +4833,20 @@ cache_fplookup_symlink(struct cache_fpl *fpl)
 		}
 	}
 
+	mp = atomic_load_ptr(&dvp->v_mount);
+	if (__predict_false(mp == NULL)) {
+		return (cache_fpl_aborted(fpl));
+	}
+
+	/*
+	 * Note this check races against setting the flag just like regular
+	 * lookup.
+	 */
+	if (__predict_false((mp->mnt_flag & MNT_NOSYMFOLLOW) != 0)) {
+		cache_fpl_smr_exit(fpl);
+		return (cache_fpl_handled_error(fpl, EACCES));
+	}
+
 	error = VOP_FPLOOKUP_SYMLINK(tvp, fpl);
 	if (__predict_false(error != 0)) {
 		switch (error) {


More information about the dev-commits-src-all mailing list