Re: [TOMOYO #14 (mmotm 2008-12-30-16-05) 03/10] Introduce d_realpath().
From: Tetsuo Handa
Date: Wed Jan 14 2009 - 03:59:13 EST
James Morris wrote:
> > (3) /proc/PID/ is represented as /proc/self/ if PID equals current->tgid.
>
> This needs an ack from Al and/or Christoph.
>
It is a sad thing that I cannot use /proc/self/ (which is the only part where
a pathname based access control can prevent current process from accessing
other process's information), but I purged d_realpath() for now.
Next posting (#15) will embed AppArmor's d_namespace_path()-like function
into TOMOYO's code.
/* d_namespace_path() in OpenSUSE 11.1's 2.6.27.7-9.1 kernel. */
char *d_namespace_path(struct dentry *dentry, struct vfsmount *vfsmnt,
char *buf, int buflen)
{
struct path root, tmp, ns_root = { };
struct path path = { .mnt = vfsmnt, .dentry = dentry };
char *res;
read_lock(¤t->fs->lock);
root = current->fs->root;
path_get(¤t->fs->root);
read_unlock(¤t->fs->lock);
spin_lock(&vfsmount_lock);
if (root.mnt && root.mnt->mnt_ns)
ns_root.mnt = mntget(root.mnt->mnt_ns->root);
if (ns_root.mnt)
ns_root.dentry = dget(ns_root.mnt->mnt_root);
spin_unlock(&vfsmount_lock);
tmp = ns_root;
res = __d_path(&path, &tmp, buf, buflen,
D_PATH_FAIL_DELETED | D_PATH_DISCONNECT);
path_put(&root);
path_put(&ns_root);
/* Prevent empty path for lazily unmounted filesystems. */
if (!IS_ERR(res) && *res == '\0')
*--res = '.';
return res;
}
Thanks.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/