Comparing changes

Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>

./mkdir_linux.go:150: finaly ==> finally, finale ./mkdir_linux_test.go:42: becuase ==> because ./procfs_linux.go:278: stricly ==> strictly Found by codespell v2.3.0. Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>

Commit 54905ce removes go 1.14, so the exclude is useless now. Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>

Commit 3d3771c started to use slices package, which is only available since Go 1.21. Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>

Using sync.OnceValue instead of sync.Once results in less global variables. The downside is a global function variable, but in this particular case it becomes a benefit since instead of adding logic to force true or false in tests we change the function itself. Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>

Change has* functions from using sync.Once to sync.OnceValue[s], which results in less global variables and simplifies code a little. The only notable changes are in haveProcThreadSelf: 1. Renamed to hasProcThreadSelf to match others; 2. Changed to use absolute path (assuming /proc is always available), as we can't pass a parameter to a sync.OnceValue function; 3. Changed to use unix.Access (simpler and faster). Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>

Kir Kolyshkin (3): gha: add codespell job gha: rm obsoleted exclude Fix a few typos LGTMs: cyphar

Kir Kolyshkin (3): has*: use sync.OnceValue[s] hasOpenat2: use sync.OnceValue go.mod: bump go to 1.21 LGTMs: cyphar

It turns out the GC can close the directory during our loop in CI sometimes, leading to the following failures (note that dir.Fd() returns -1, which is a closed directory): === RUN TestPartialLookup_RacingRename/openat2=true/swap-dir-danglinglink-basic panic: renameat2([-1]"/tmp/TestPartialLookup_RacingRenameopenat2=trueswap-dir-file-basic3291115487/001/tree", "a/b", ..., "file", RENAME_EXCHANGE) = no such file or directory goroutine 552 [running]: github.com/cyphar/filepath-securejoin.doRenameExchangeLoop(0xc000027680, 0xc0000276e0, 0xc0000025a8, {0x66c786, 0x3}, {0x66c8f4, 0x4}) /home/runner/work/filepath-securejoin/filepath-securejoin/util_linux_test.go:111 +0x38c created by github.com/cyphar/filepath-securejoin.TestPartialLookup_RacingRename.func1.1 in goroutine 551 /home/runner/work/filepath-securejoin/filepath-securejoin/lookup_linux_test.go:561 +0x525 exit status 2 Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>

Aleksa Sarai (1): tests: make sure the directory handle is kept alive in rename loop LGTMs: cyphar

We've had several examples of unexpected semantics with how modes are calculated, and there will likely be many more in the future. In addition, mounting filesystems like vfat with mount options that mess with ownership (like "uid=1234,gid=5678,umask=0") will result in unexpected behaviour that would be very difficult to emulate. To avoid further regressions, just remove the checks entirely. In theory we could switch to adding warnings, but there's no real benefit IMHO. The semantics of MkdirAll are quite loose already so arguably there is no practical difference between re-using a directory that already existed and being tricked into opening an intermediate directory you didn't create. Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>

Some pseudofilesystems (like cgroupfs) create non-empty directories, so this check is kind of questionable if someone tries to use MkdirAll on those filesystems. The semantics of MkdirAll already allow us to re-use a non-empty directory, so this check arguably didn't buy us anything anyway. Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>

Aleksa Sarai (2): mkdir: don't check that the directory is empty mkdir: do not return errors for incorrect directory modes or owners LGTMs: cyphar

Despite 1446241 ("tests: make sure the directory handle is kept alive in rename loop"), we are still getting the same errors. I suspect the issue is that the directory is getting deleted while we're still in the loop. To work around this, don't panic if the directory is closed (which must happen before the Go test infrastructure deletes the temporary directory). Fixes:1446241e8a9f ("tests: make sure the directory handle is kept alive in rename loop") Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>

These methods are not public, and their docstrings are copies of those from the VFS interface methods. Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>

Since Go 1.19 it is possible to link to other identifiers. Let's use it. Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>

Kir Kolyshkin (3): OpenInRoot: add CVE link to godoc Add cross-links to godoc Remove osVFS methods documentation LGTMs: cyphar

Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Comparing changes

Open a pull request

Commits on Sep 13, 2024

Commits on Sep 23, 2024

Commits on Sep 25, 2024

Commits on Sep 30, 2024

This comparison is taking too long to generate.

Uh oh!