From 92ead2966b78ac6b2d6a0a464cc15c6ee6f853c6 Mon Sep 17 00:00:00 2001 From: Christian Brauner Date: Thu, 28 Jan 2021 11:39:42 +0100 Subject: sys/linux/filesystem: add mount_setattr() coverage I've moved the idmapped mount patchset into my for-next branch and plan to send it for the v5.12 merge window in ~2.5 weeks. It comes with a large xfstest but I would also like to get some syzkaller coverage. With-help-from: Dmitry Vyukov Signed-off-by: Christian Brauner --- sys/linux/filesystem.txt | 13 +++++++++++++ sys/linux/filesystem.txt.const | 2 ++ sys/linux/namespaces.txt | 2 ++ 3 files changed, 17 insertions(+) (limited to 'sys/linux') diff --git a/sys/linux/filesystem.txt b/sys/linux/filesystem.txt index b7debaaaf..49a3f794c 100644 --- a/sys/linux/filesystem.txt +++ b/sys/linux/filesystem.txt @@ -38,8 +38,21 @@ fsconfig$FSCONFIG_CMD_RECONFIGURE(fd fd_fscontext, cmd const[FSCONFIG_CMD_RECONF fsmount(fs_fd fd_fscontext, flags flags[fsmount_flags], attr_flags flags[fsmount_attr_flags]) fd move_mount(from_dfd fd_dir[opt], from_pathname ptr[in, filename], to_dfd fd_dir[opt], to_pathname ptr[in, filename], flags flags[move_mount_flags]) open_tree(dfd fd_dir[opt], filename ptr[in, filename], flags flags[open_tree_flags]) fd +mount_setattr(dfd fd_dir[opt], filename ptr[in, filename], flags flags[mount_setattr_flags], args ptr[in, mount_attr], size bytesize[args]) open_tree_flags = AT_EMPTY_PATH, AT_NO_AUTOMOUNT, AT_RECURSIVE, AT_SYMLINK_NOFOLLOW, OPEN_TREE_CLONE, OPEN_TREE_CLOEXEC + +mount_setattr_flags = AT_EMPTY_PATH, AT_NO_AUTOMOUNT, AT_RECURSIVE, AT_SYMLINK_NOFOLLOW + +mount_attr { + attr_set flags[mount_attr_flags, int64] + attr_clr flags[mount_attr_flags, int64] + propagation flags[mount_attr_propagation_flags, int64] + userns_fd align64[fd_userns] +} + +mount_attr_flags = MOUNT_ATTR_RDONLY, MOUNT_ATTR_NOSUID, MOUNT_ATTR_NODEV, MOUNT_ATTR_NOEXEC, MOUNT_ATTR__ATIME, MOUNT_ATTR_NODIRATIME, MOUNT_ATTR_IDMAP +mount_attr_propagation_flags = MS_UNBINDABLE, MS_PRIVATE, MS_SLAVE, MS_SHARED fsmount_flags = FSMOUNT_CLOEXEC fsopen_flags = FSOPEN_CLOEXEC fspick_flags = FSPICK_CLOEXEC diff --git a/sys/linux/filesystem.txt.const b/sys/linux/filesystem.txt.const index 5a96172be..7e0e4cb06 100644 --- a/sys/linux/filesystem.txt.const +++ b/sys/linux/filesystem.txt.const @@ -24,6 +24,7 @@ MOUNT_ATTR_NOEXEC = 8 MOUNT_ATTR_NOSUID = 2 MOUNT_ATTR_RDONLY = 1 MOUNT_ATTR__ATIME = 112 +MOUNT_ATTR_IDMAP = 1048576 MOVE_MOUNT_F_AUTOMOUNTS = 2 MOVE_MOUNT_F_EMPTY_PATH = 4 MOVE_MOUNT_F_SYMLINKS = 1 @@ -64,4 +65,5 @@ __NR_fspick = 433, mips64le:5433 __NR_mount = 21, amd64:165, arm64:riscv64:40, mips64le:5160 __NR_move_mount = 429, mips64le:5429 __NR_open_tree = 428, mips64le:5428 +__NR_mount_setattr = 442, mips64le:5442 __NR_umount2 = 52, amd64:166, arm64:riscv64:39, mips64le:5161 diff --git a/sys/linux/namespaces.txt b/sys/linux/namespaces.txt index 5ae862c8f..63ded0e2c 100644 --- a/sys/linux/namespaces.txt +++ b/sys/linux/namespaces.txt @@ -5,11 +5,13 @@ include include resource fd_namespace[fd] +resource fd_userns[fd_namespace] unshare(flags flags[unshare_flags]) setns(fd fd_namespace, type flags[ns_type]) syz_open_procfs$namespace(pid pid, file ptr[in, string[procfs_namespace_file]]) fd_namespace +syz_open_procfs$userns(pid pid, file ptr[in, string["ns/user"]]) fd_userns ioctl$NS_GET_USERNS(fd fd_namespace, cmd const[NS_GET_USERNS], arg const[0]) ioctl$NS_GET_PARENT(fd fd_namespace, cmd const[NS_GET_PARENT], arg const[0]) fd_namespace -- cgit mrf-deployment