From: Eric Biggers <ebiggers@kernel.org>
To: Jaegeuk Kim <jaegeuk@kernel.org>
Cc: linux-kernel@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net
Subject: Re: [f2fs-dev] [PATCH] f2fs: return -EPERM given generic mask
Date: Thu, 6 May 2021 23:26:47 -0700 [thread overview]
Message-ID: <YJTdp0Rj170TYm24@sol.localdomain> (raw)
In-Reply-To: <20210506191347.1242802-1-jaegeuk@kernel.org>
On Thu, May 06, 2021 at 12:13:47PM -0700, Jaegeuk Kim wrote:
> In f2fs_fileattr_set(),
>
> if (!fa->flags_valid)
> mask &= FS_COMMON_FL;
>
> In this case, we should not allow to set FS_COMPR_FL, instead of BUG_ON.
>
> /* Flags shared betwen flags/xflags */
> (FS_SYNC_FL | FS_IMMUTABLE_FL | FS_APPEND_FL | \
> FS_NODUMP_FL | FS_NOATIME_FL | FS_DAX_FL | \
> FS_PROJINHERIT_FL)
>
> Fixes: 4c5b47997521 ("vfs: add fileattr ops")
> Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
> ---
> fs/f2fs/file.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/fs/f2fs/file.c b/fs/f2fs/file.c
> index e01ce802cf10..38015ef84893 100644
> --- a/fs/f2fs/file.c
> +++ b/fs/f2fs/file.c
> @@ -1817,7 +1817,9 @@ static int f2fs_setflags_common(struct inode *inode, u32 iflags, u32 mask)
> struct f2fs_inode_info *fi = F2FS_I(inode);
> u32 masked_flags = fi->i_flags & mask;
>
> - f2fs_bug_on(F2FS_I_SB(inode), (iflags & ~mask));
> + /* mask can be shrunk by flags_valid selector */
> + if (iflags & ~mask)
> + return -EPERM;
>
> /* Is it quota file? Do not allow user to mess with it */
> if (IS_NOQUOTA(inode))
> --
> 2.31.1.607.g51e8a6a459-goog
This looks like the wrong fix. AFAICS, 'mask' is the set of inode flags that
the specific ioctl (FS_IOC_SETFLAGS or FS_IOC_FSSETXATTR) can potentially
modify, while 'iflags' is the new set of inode flags among the set that either
ioctl can potentially modify. So this change will stop FS_IOC_FSSETXATTR from
working on files that have already flags set which are only modifiable by
FS_IOC_SETFLAGS, e.g. the compression flag.
I think the correct fix would be to just do something like 'iflags &= mask'.
- Eric
_______________________________________________
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel
WARNING: multiple messages have this Message-ID (diff)
From: Eric Biggers <ebiggers@kernel.org>
To: Jaegeuk Kim <jaegeuk@kernel.org>
Cc: linux-kernel@vger.kernel.org, linux-f2fs-devel@lists.sourceforge.net
Subject: Re: [f2fs-dev] [PATCH] f2fs: return -EPERM given generic mask
Date: Thu, 6 May 2021 23:26:47 -0700 [thread overview]
Message-ID: <YJTdp0Rj170TYm24@sol.localdomain> (raw)
In-Reply-To: <20210506191347.1242802-1-jaegeuk@kernel.org>
On Thu, May 06, 2021 at 12:13:47PM -0700, Jaegeuk Kim wrote:
> In f2fs_fileattr_set(),
>
> if (!fa->flags_valid)
> mask &= FS_COMMON_FL;
>
> In this case, we should not allow to set FS_COMPR_FL, instead of BUG_ON.
>
> /* Flags shared betwen flags/xflags */
> (FS_SYNC_FL | FS_IMMUTABLE_FL | FS_APPEND_FL | \
> FS_NODUMP_FL | FS_NOATIME_FL | FS_DAX_FL | \
> FS_PROJINHERIT_FL)
>
> Fixes: 4c5b47997521 ("vfs: add fileattr ops")
> Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
> ---
> fs/f2fs/file.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/fs/f2fs/file.c b/fs/f2fs/file.c
> index e01ce802cf10..38015ef84893 100644
> --- a/fs/f2fs/file.c
> +++ b/fs/f2fs/file.c
> @@ -1817,7 +1817,9 @@ static int f2fs_setflags_common(struct inode *inode, u32 iflags, u32 mask)
> struct f2fs_inode_info *fi = F2FS_I(inode);
> u32 masked_flags = fi->i_flags & mask;
>
> - f2fs_bug_on(F2FS_I_SB(inode), (iflags & ~mask));
> + /* mask can be shrunk by flags_valid selector */
> + if (iflags & ~mask)
> + return -EPERM;
>
> /* Is it quota file? Do not allow user to mess with it */
> if (IS_NOQUOTA(inode))
> --
> 2.31.1.607.g51e8a6a459-goog
This looks like the wrong fix. AFAICS, 'mask' is the set of inode flags that
the specific ioctl (FS_IOC_SETFLAGS or FS_IOC_FSSETXATTR) can potentially
modify, while 'iflags' is the new set of inode flags among the set that either
ioctl can potentially modify. So this change will stop FS_IOC_FSSETXATTR from
working on files that have already flags set which are only modifiable by
FS_IOC_SETFLAGS, e.g. the compression flag.
I think the correct fix would be to just do something like 'iflags &= mask'.
- Eric
next prev parent reply other threads:[~2021-05-07 6:27 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-05-06 19:13 [f2fs-dev] [PATCH] f2fs: return -EPERM given generic mask Jaegeuk Kim
2021-05-06 19:13 ` Jaegeuk Kim
2021-05-07 6:26 ` Eric Biggers [this message]
2021-05-07 6:26 ` [f2fs-dev] " Eric Biggers
2021-05-10 14:39 ` Jaegeuk Kim
2021-05-10 14:39 ` Jaegeuk Kim
2021-05-10 14:42 ` [f2fs-dev] [PATCH v2] f2fs: support iflag change given the mask Jaegeuk Kim
2021-05-10 14:42 ` Jaegeuk Kim
2021-05-10 22:28 ` [f2fs-dev] " Eric Biggers
2021-05-10 22:28 ` Eric Biggers
2021-05-11 0:21 ` Jaegeuk Kim
2021-05-11 0:21 ` Jaegeuk Kim
2021-05-11 1:43 ` Chao Yu
2021-05-11 1:43 ` Chao Yu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YJTdp0Rj170TYm24@sol.localdomain \
--to=ebiggers@kernel.org \
--cc=jaegeuk@kernel.org \
--cc=linux-f2fs-devel@lists.sourceforge.net \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.