[PATCH 14/19] fs: Permit FIBMAP for users with CAP_SYS_RAWIO in s_user_ns

Andreas Dilger adilger at dilger.ca
Fri Dec 4 16:00:58 PST 2015


> On Dec 4, 2015, at 4:11 PM, Theodore Ts'o <tytso at mit.edu> wrote:
> 
> On Fri, Dec 04, 2015 at 02:45:32PM -0600, Seth Forshee wrote:
>> On Fri, Dec 04, 2015 at 02:07:36PM -0600, Serge E. Hallyn wrote:
>>> Heh, I was looking over http://www.gossamer-threads.com/lists/linux/kernel/103611
>>> a little while ago :)  The same question was asked 16 years ago.  Apparently
>>> the answer then was that it was easier than fixing the code.
>> 
>> So it seems then that either it still isn't safe and so unprivileged
>> users shouldn't be allowed to do it at all, or else it's safe and we
>> should drop the requirement completely. I can't say which is right,
>> unfortunately.
> 
> It may not have been safe 16 years agoo, but giving invalid arguments
> to FIBMAP is safe for ext4 and ext2.  This is the sort of thing that
> tools like trinity should and does test for, so I think it should be
> fine to remove the root check for FIBMAP.

You can use FIEMAP on regular files and directories without special permission:

$ filefrag -v /etc
Filesystem type is: ef53
File size of /etc is 12288 (3 blocks of 4096 bytes)
 ext:     logical_offset:        physical_offset: length:   expected: flags:
   0:        0..       0:    8396832..   8396832:      1:
   1:        1..       2:    8397051..   8397052:      2:    8396833: last,eof
/etc: 2 extents found


FIEMAP also has the benefit that you don't need to call it millions of times
for large files, like is needed for FIBMAP.

Cheers, Andreas





-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.infradead.org/pipermail/linux-mtd/attachments/20151204/52f403f7/attachment.sig>


More information about the linux-mtd mailing list