mirror of https://github.com/RGBCube/serenity synced 2025-05-14 08:04:57 +00:00

Kernel+Userland: Add mount MS_SRCHIDDEN option

Whether we mount from a loop device or another source, the user might want
to obfuscate the given source for security reasons, so this option
ensures that it is hidden.
If passed during a mount, the source will be hidden when reading from
the /sys/kernel/df node.
Liav A 2024-02-10 12:27:32 +02:00 committed by Andrew Kaster
parent 0739b5df11
commit 0734de9f9a
3 changed files with 21 additions and 11 deletions


@ -30,6 +30,7 @@ extern "C" {
#define MS_WXALLOWED (1 << 6) #define MS_WXALLOWED (1 << 6)
#define MS_AXALLOWED (1 << 7) #define MS_AXALLOWED (1 << 7)
#define MS_NOREGULAR (1 << 8) #define MS_NOREGULAR (1 << 8)
#define MS_SRCHIDDEN (1 << 9)
enum { enum {
_SC_MONOTONIC_CLOCK, _SC_MONOTONIC_CLOCK,


@ -5,6 +5,7 @@
*/ */
#include <AK/JsonObjectSerializer.h> #include <AK/JsonObjectSerializer.h>
#include <Kernel/API/POSIX/unistd.h>
#include <Kernel/Devices/Loop/LoopDevice.h> #include <Kernel/Devices/Loop/LoopDevice.h>
#include <Kernel/FileSystem/FileBackedFileSystem.h> #include <Kernel/FileSystem/FileBackedFileSystem.h>
#include <Kernel/FileSystem/SysFS/Subsystems/Kernel/DiskUsage.h> #include <Kernel/FileSystem/SysFS/Subsystems/Kernel/DiskUsage.h>
@ -40,18 +41,22 @@ ErrorOr<void> SysFSDiskUsage::try_generate(KBufferBuilder& builder)
TRY(fs_object.add("readonly"sv, fs.is_readonly())); TRY(fs_object.add("readonly"sv, fs.is_readonly()));
TRY(fs_object.add("mount_flags"sv, mount.flags())); TRY(fs_object.add("mount_flags"sv, mount.flags()));
if (fs.is_file_backed()) { if (mount.flags() & MS_SRCHIDDEN) {
auto& file = static_cast<const FileBackedFileSystem&>(fs).file(); TRY(fs_object.add("source"sv, "unknown"));
if (file.is_loop_device()) {
auto& device = static_cast<LoopDevice const&>(file);
auto path = TRY(device.custody().try_serialize_absolute_path());
TRY(fs_object.add("source"sv, path->view()));
} else {
auto pseudo_path = TRY(static_cast<const FileBackedFileSystem&>(fs).file_description().pseudo_path());
TRY(fs_object.add("source"sv, pseudo_path->view()));
}
} else { } else {
TRY(fs_object.add("source"sv, "none")); if (fs.is_file_backed()) {
auto& file = static_cast<const FileBackedFileSystem&>(fs).file();
if (file.is_loop_device()) {
auto& device = static_cast<LoopDevice const&>(file);
auto path = TRY(device.custody().try_serialize_absolute_path());
TRY(fs_object.add("source"sv, path->view()));
} else {
auto pseudo_path = TRY(static_cast<const FileBackedFileSystem&>(fs).file_description().pseudo_path());
TRY(fs_object.add("source"sv, pseudo_path->view()));
}
} else {
TRY(fs_object.add("source"sv, "none"));
}
} }
TRY(fs_object.finish()); TRY(fs_object.finish());
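Review bot: The new `MS_SRCHIDDEN` branch in try_generate carries no comment on what the flag covers, and as far as this commit shows it only replaces the `source` field of this one node, while `mount_flags` on the line above still reports the bit. I would add a comment before the branch such as `// MS_SRCHIDDEN only masks the "source" field reported here; it is not an access-control boundary for the backing file.` so nobody later relies on it for more than that. Note also that a mount with the flag set that is not file-backed now reports "unknown" where it used to report "none". The nested `} else { if (fs.is_file_backed()) {` can be flattened to `} else if (fs.is_file_backed()) {`, which removes one indentation level. The function starts and ends outside this hunk.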


@ -43,6 +43,8 @@ static int parse_options(StringView options)
flags |= MS_AXALLOWED; flags |= MS_AXALLOWED;
else if (part == "noregular") else if (part == "noregular")
flags |= MS_NOREGULAR; flags |= MS_NOREGULAR;
else if (part == "srchidden")
flags |= MS_SRCHIDDEN;
else else
warnln("Ignoring invalid option: {}", part); warnln("Ignoring invalid option: {}", part);
} }
@ -181,6 +183,8 @@ static ErrorOr<void> print_mounts()
out(",nodev"); out(",nodev");
if (mount_flags & MS_NOREGULAR) if (mount_flags & MS_NOREGULAR)
out(",noregular"); out(",noregular");
if (mount_flags & MS_SRCHIDDEN)
out(",srcobfuscate");
if (mount_flags & MS_NOEXEC) if (mount_flags & MS_NOEXEC)
out(",noexec"); out(",noexec");
if (mount_flags & MS_NOSUID) if (mount_flags & MS_NOSUID)
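Review bot: print_mounts prints `,srcobfuscate` for MS_SRCHIDDEN, but parse_options in the first hunk only accepts `srchidden`, so the option string that mount displays cannot be passed back in. Doing so falls into the existing `warnln("Ignoring invalid option: {}", part)` branch, and the mount would presumably proceed without the flag, leaving the source visible. Use one spelling in both places, for example `out(",srchidden");`. Both functions continue outside the hunks shown.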