Re: [PATCH 14/19] fs: Permit FIBMAP for users with CAP_SYS_RAWIO in s_user_ns
From: Andreas Dilger
Date: Fri Dec 04 2015 - 19:01:14 EST
> On Dec 4, 2015, at 4:11 PM, Theodore Ts'o <tytso@xxxxxxx> wrote:
>
> On Fri, Dec 04, 2015 at 02:45:32PM -0600, Seth Forshee wrote:
>> On Fri, Dec 04, 2015 at 02:07:36PM -0600, Serge E. Hallyn wrote:
>>> Heh, I was looking over http://www.gossamer-threads.com/lists/linux/kernel/103611
>>> a little while ago :) The same question was asked 16 years ago. Apparently
>>> the answer then was that it was easier than fixing the code.
>>
>> So it seems then that either it still isn't safe and so unprivileged
>> users shouldn't be allowed to do it at all, or else it's safe and we
>> should drop the requirement completely. I can't say which is right,
>> unfortunately.
>
> It may not have been safe 16 years agoo, but giving invalid arguments
> to FIBMAP is safe for ext4 and ext2. This is the sort of thing that
> tools like trinity should and does test for, so I think it should be
> fine to remove the root check for FIBMAP.
You can use FIEMAP on regular files and directories without special permission:
$ filefrag -v /etc
Filesystem type is: ef53
File size of /etc is 12288 (3 blocks of 4096 bytes)
ext: logical_offset: physical_offset: length: expected: flags:
0: 0.. 0: 8396832.. 8396832: 1:
1: 1.. 2: 8397051.. 8397052: 2: 8396833: last,eof
/etc: 2 extents found
FIEMAP also has the benefit that you don't need to call it millions of times
for large files, like is needed for FIBMAP.
Cheers, Andreas
Attachment:
signature.asc
Description: Message signed with OpenPGP using GPGMail