From: Dominique Martinet <asmadeus@codewreck.org>
To: Fedor Pchelkin <pchelkin@ispras.ru>
Cc: Christian Schoenebeck <linux_oss@crudebyte.com>,
Eric Van Hensbergen <ericvh@kernel.org>,
Latchesar Ionkov <lucho@ionkov.net>,
v9fs@lists.linux.dev, linux-kernel@vger.kernel.org,
Christian Brauner <brauner@kernel.org>,
xingwei lee <xrivendell7@gmail.com>,
sam sun <samsun1006219@gmail.com>,
lvc-project@linuxtesting.org,
Alexey Khoroshilov <khoroshilov@ispras.ru>
Subject: Re: [PATCH] 9p: cap xattr max size to XATTR_SIZE_MAX
Date: Mon, 23 Sep 2024 05:26:10 +0900 [thread overview]
Message-ID: <ZvB9YsV8BZSFoDrC@codewreck.org> (raw)
In-Reply-To: <20240901-075b24ce58df695232e3d345-pchelkin@ispras.ru>
Fedor Pchelkin wrote on Sun, Sep 01, 2024 at 10:16:55AM +0300:
> the issue is still present in upstream kernel [1].
Right, I didn't register the end of discussion, thanks for the reminder
> Considering the remark from Christian that limiting the allocation to
> XATTR_SIZE_MAX seems too Linux-specific, maybe just fail silently with
> __GFP_NOWARN flag passed to the allocator and return ENOMEM? I submitted
> the patch [2] sometime ago which looks still applicable to the mainline
> kernel. It was superseded with current discussion.
Hmm, at high level, I don't really see the problem of being
linux-specific here - we're writing a linux client.
Something larger might work in the very specific case of the acl call
here, but normal userspace getxattr will be truncated to XATTR_SIZE_MAX
anyway (in do_getxattr), and returning a size larger than that will
yield odd behavior for userspace: calling getxattr with a zero size will
return a size larger than XATTR_SIZE_MAX, then trying to call getxattr
with the returned size will just fail as the buffer is silently
truncated to a shorter size without any way to work around that; it
sounds more coherent to me to just say we can't do it in the first
place.
Anyway, I guess a malicious server has an infinite number of way to
cause nuisance to our clients here so this is the least of our worry,
and not giving a warning is better than giving one, so if we're not
doing anything else adding NOWARN is probably for the best but I'm
really not sure I agree there...
I'm getting less involved with linux as real life commitments increase,
so I'll just defer to whatever eminent folks think about here --
Christian (Brauner), please take your pick of either of these (or
anything else) and I'll apply it:
(just adding nowarn to the acl path that warned)
https://lore.kernel.org/lkml/20240202121319.21743-1-pchelkin@ispras.ru/
or
(limit to XATTR_SIZE_MAX in 9p's xattr_handler->get() op)
https://lore.kernel.org/all/20240304-xattr_maxsize-v1-1-322357ec6bdf@codewreck.org/
(and I see vfs_getxattr_alloc() hasn't been updated to error on
size > XATTR_SIZE_MAX either, but we don't use it anyway)
Thanks,
--
Dominique Martinet | Asmadeus
prev parent reply other threads:[~2024-09-22 20:26 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-03-04 12:42 [PATCH] 9p: cap xattr max size to XATTR_SIZE_MAX Dominique Martinet
2024-03-04 13:35 ` Christian Schoenebeck
2024-03-04 14:19 ` Christian Brauner
2024-03-04 14:35 ` Seth Forshee
2024-03-04 14:44 ` Seth Forshee
2024-09-01 7:16 ` Fedor Pchelkin
2024-09-22 20:26 ` Dominique Martinet [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZvB9YsV8BZSFoDrC@codewreck.org \
--to=asmadeus@codewreck.org \
--cc=brauner@kernel.org \
--cc=ericvh@kernel.org \
--cc=khoroshilov@ispras.ru \
--cc=linux-kernel@vger.kernel.org \
--cc=linux_oss@crudebyte.com \
--cc=lucho@ionkov.net \
--cc=lvc-project@linuxtesting.org \
--cc=pchelkin@ispras.ru \
--cc=samsun1006219@gmail.com \
--cc=v9fs@lists.linux.dev \
--cc=xrivendell7@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.