search

legionus / kbd

Mirror of https://git.kernel.org/pub/scm/linux/kernel/git/legion/kbd.git
https://kbd-project.org
Other
84 stars 41 forks source link

loadkeys triggers all mounts in the cwd #101

Closed poettering closed 1 year ago

poettering commented 1 year ago

It appears that loadskeys triggers all inodes in the current cwd. It really shouldn#t do that, as this might lead to deadlocks during boot, because the system might not be ready to trigger an autofs this early.

it's also a security hole of sorts (i.e. compare with the fact that on linux execvp() does not bother with the cwd either by default, and people generally frown upon it).

I think loadkeys should never look in the cwd for keymaps. If you want to keep it, at least don#t trigger the inodes anymore. i.e. use AT_NO_AUTOMOUNT

poettering commented 1 year ago

See https://github.com/systemd/systemd/issues/28677 for details where people ran into this.

legionus commented 1 year ago

This is a very old behavior that appeared before I joined this project:

https://github.com/legionus/kbd/blob/7fbc26250c640bc0746c3bad738ab1bed21816f3/src/loadkeys.y#L568

I totally agree that this is extremely counter-intuitive behavior. I'm going to remove the current directory and search list.

poettering commented 1 year ago

excellent! thanks!

legionus commented 1 year ago

Should be fixed in kbd-2.6.2.

poettering commented 1 year ago

Excellent! thanks!

DaanDeMeyer commented 9 months ago

@legionus It seems like loadkeys still probes all directories in the cwd for some reason. This is from loadkeys 2.6.3 on Arch Linux:

[pid   382] newfstatat(AT_FDCWD, "./abc", {st_mode=S_IFREG|0644, st_size=119468, ...}, 0) = 0
[pid   382] newfstatat(AT_FDCWD, "./bin", {st_mode=S_IFDIR|0755, st_size=28672, ...}, 0) = 0
[pid   382] newfstatat(AT_FDCWD, "./boot", {st_mode=S_IFDIR|0755, st_size=0, ...}, 0) = 0
[pid   382] newfstatat(AT_FDCWD, "./dev", {st_mode=S_IFDIR|0755, st_size=3360, ...}, 0) = 0
[pid   382] newfstatat(AT_FDCWD, "./efi", {st_mode=S_IFDIR|0500, st_size=4096, ...}, 0) = 0
[pid   382] newfstatat(AT_FDCWD, "./etc", {st_mode=S_IFDIR|0755, st_size=4096, ...}, 0) = 0
[pid   382] newfstatat(AT_FDCWD, "./failed-services", {st_mode=S_IFREG|0644, st_size=0, ...}, 0) = 0
[pid   382] newfstatat(AT_FDCWD, "./home", {st_mode=S_IFDIR|0755, st_size=4096, ...}, 0) = 0
[pid   382] newfstatat(AT_FDCWD, "./init", {st_mode=S_IFREG|0755, st_size=100464, ...}, 0) = 0
[pid   382] newfstatat(AT_FDCWD, "./lib", {st_mode=S_IFDIR|0755, st_size=24576, ...}, 0) = 0
[pid   382] newfstatat(AT_FDCWD, "./lib64", {st_mode=S_IFDIR|0755, st_size=24576, ...}, 0) = 0
[pid   382] newfstatat(AT_FDCWD, "./lost+found", {st_mode=S_IFDIR|0700, st_size=16384, ...}, 0) = 0
[pid   382] newfstatat(AT_FDCWD, "./mnt", {st_mode=S_IFDIR|0755, st_size=4096, ...}, 0) = 0
[pid   382] newfstatat(AT_FDCWD, "./opt", {st_mode=S_IFDIR|0755, st_size=4096, ...}, 0) = 0
[pid   382] newfstatat(AT_FDCWD, "./proc", {st_mode=S_IFDIR|0555, st_size=0, ...}, 0) = 0
[pid   382] newfstatat(AT_FDCWD, "./root", {st_mode=S_IFDIR|0750, st_size=4096, ...}, 0) = 0
[pid   382] newfstatat(AT_FDCWD, "./run", {st_mode=S_IFDIR|0755, st_size=380, ...}, 0) = 0
[pid   382] newfstatat(AT_FDCWD, "./sbin", {st_mode=S_IFDIR|0755, st_size=28672, ...}, 0) = 0
[pid   382] newfstatat(AT_FDCWD, "./srv", {st_mode=S_IFDIR|0755, st_size=4096, ...}, 0) = 0
[pid   382] newfstatat(AT_FDCWD, "./sys", {st_mode=S_IFDIR|0555, st_size=0, ...}, 0) = 0
[pid   382] newfstatat(AT_FDCWD, "./tmp", {st_mode=S_IFDIR|S_ISVTX|0777, st_size=160, ...}, 0) = 0
[pid   382] newfstatat(AT_FDCWD, "./usr", {st_mode=S_IFDIR|0755, st_size=4096, ...}, 0) = 0
[pid   382] newfstatat(AT_FDCWD, "./var", {st_mode=S_IFDIR|0755, st_size=4096, ...}, 0) = 0