[PATCH review 4/4] vfs: Do not allow escaping from bind mounts.

Eric W. Biederman ebiederm at xmission.com
Thu Apr 9 16:52:15 UTC 2015

Jann Horn <jann at thejh.net> writes:

> On Wed, Apr 08, 2015 at 06:34:12PM -0500, Eric W. Biederman wrote:
>> +static unsigned d_depth(const struct dentry *dentry)
>> +{
>> +	unsigned depth = 0;
>> +
>> +	while (!IS_ROOT(dentry)) {
>> +		dentry = dentry->d_parent;
>> +		depth++;
>> +	}
>> +	return depth;
>> +}
> This relies on a depth of 2^32 being impossible, right? Which is guaranteed
> somewhat because you would need something like a terabyte of RAM to have
> that many dentries in RAM? I can't find any explicit check. Maybe it would
> make sense to let the depth be 64 bits or add some kind of overflow check?
> Or did I just miss some kind of check on allocation?

Well there is the 4K PATH_MAX.

If nothing else your performance will grind to a halt if you attempt to
use a path that deeply nested.

That said it doesn't cost us anything to make the variables
unsigned long and it avoids having to worry about this piece of code.

I will respin this patch.


More information about the Containers mailing list