sanitize handling of nd->last_type, kill LAST_BIND
->last_type values are set in 3 places: path_init() (sets to LAST_ROOT), link_path_walk (LAST_NORM/DOT/DOTDOT) and pick_link (LAST_BIND). The are checked in walk_component(), lookup_last() and do_last(). They also get copied to the caller by filename_parentat(). In the last 3 cases the value is what we had at the return from link_path_walk(). In case of walk_component() it's either directly downstream from assignment in link_path_walk() or, when called by lookup_last(), the value we have at the return from link_path_walk(). The value at the entry into link_path_walk() can survive to return only if the pathname contains nothing but slashes. Note that pick_link() never returns such - pure jumps are handled directly. So for the calls of link_path_walk() for trailing symlinks it does not matter what value had been there at the entry; the value at the return won't depend upon it. There are 3 call chains that might have pick_link() storing LAST_BIND: 1) pick_link() from step_into() from walk_component() from link_path_walk(). In that case we will either be parsing the next component immediately after return into link_path_walk(), which will overwrite the ->last_type before anyone has a chance to look at it, or we'll fail, in which case nobody will be looking at ->last_type at all. 2) pick_link() from step_into() from walk_component() from lookup_last(). The value is never looked at due to the above; it won't affect the value seen at return from any link_path_walk(). 3) pick_link() from step_into() from do_last(). Ditto. In other words, assignemnt in pick_link() is pointless, and so is LAST_BIND itself; nothing ever looks at that value. Kill it off. And make link_path_walk() _always_ assign ->last_type - in the only case when the value at the entry might survive to the return that value is always LAST_ROOT, inherited from path_init(). Move that assignment from path_init() into the beginning of link_path_walk(), to consolidate the things. Historical note: LAST_BIND used to be used for the kludge with trailing pure jump symlinks (extra iteration through the top-level loop). No point keeping it anymore... Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
This commit is contained in:
parent
ad6cc4c338
commit
b4c0353693
|
@ -404,11 +404,8 @@ that is the "next" component in the pathname.
|
||||||
``int last_type``
|
``int last_type``
|
||||||
~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
This is one of ``LAST_NORM``, ``LAST_ROOT``, ``LAST_DOT``, ``LAST_DOTDOT``, or
|
This is one of ``LAST_NORM``, ``LAST_ROOT``, ``LAST_DOT`` or ``LAST_DOTDOT``.
|
||||||
``LAST_BIND``. The ``last`` field is only valid if the type is
|
The ``last`` field is only valid if the type is ``LAST_NORM``.
|
||||||
``LAST_NORM``. ``LAST_BIND`` is used when following a symlink and no
|
|
||||||
components of the symlink have been processed yet. Others should be
|
|
||||||
fairly self-explanatory.
|
|
||||||
|
|
||||||
``struct path root``
|
``struct path root``
|
||||||
~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
|
@ -1785,7 +1785,6 @@ static const char *pick_link(struct nameidata *nd, struct path *link,
|
||||||
if (unlikely(error))
|
if (unlikely(error))
|
||||||
return ERR_PTR(error);
|
return ERR_PTR(error);
|
||||||
|
|
||||||
nd->last_type = LAST_BIND;
|
|
||||||
res = READ_ONCE(inode->i_link);
|
res = READ_ONCE(inode->i_link);
|
||||||
if (!res) {
|
if (!res) {
|
||||||
const char * (*get)(struct dentry *, struct inode *,
|
const char * (*get)(struct dentry *, struct inode *,
|
||||||
|
@ -2123,6 +2122,7 @@ static int link_path_walk(const char *name, struct nameidata *nd)
|
||||||
{
|
{
|
||||||
int err;
|
int err;
|
||||||
|
|
||||||
|
nd->last_type = LAST_ROOT;
|
||||||
if (IS_ERR(name))
|
if (IS_ERR(name))
|
||||||
return PTR_ERR(name);
|
return PTR_ERR(name);
|
||||||
while (*name=='/')
|
while (*name=='/')
|
||||||
|
@ -2224,7 +2224,6 @@ static const char *path_init(struct nameidata *nd, unsigned flags)
|
||||||
if (flags & LOOKUP_RCU)
|
if (flags & LOOKUP_RCU)
|
||||||
rcu_read_lock();
|
rcu_read_lock();
|
||||||
|
|
||||||
nd->last_type = LAST_ROOT; /* if there are only slashes... */
|
|
||||||
nd->flags = flags | LOOKUP_JUMPED | LOOKUP_PARENT;
|
nd->flags = flags | LOOKUP_JUMPED | LOOKUP_PARENT;
|
||||||
nd->depth = 0;
|
nd->depth = 0;
|
||||||
|
|
||||||
|
|
|
@ -15,7 +15,7 @@ enum { MAX_NESTED_LINKS = 8 };
|
||||||
/*
|
/*
|
||||||
* Type of the last component on LOOKUP_PARENT
|
* Type of the last component on LOOKUP_PARENT
|
||||||
*/
|
*/
|
||||||
enum {LAST_NORM, LAST_ROOT, LAST_DOT, LAST_DOTDOT, LAST_BIND};
|
enum {LAST_NORM, LAST_ROOT, LAST_DOT, LAST_DOTDOT};
|
||||||
|
|
||||||
/* pathwalk mode */
|
/* pathwalk mode */
|
||||||
#define LOOKUP_FOLLOW 0x0001 /* follow links at the end */
|
#define LOOKUP_FOLLOW 0x0001 /* follow links at the end */
|
||||||
|
|
Loading…
Reference in New Issue