All of lore.kernel.org
 help / color / mirror / Atom feed
From: Zorro Lang <zlang@kernel.org>
To: Avinesh Kumar <avinesh.kumar@suse.com>
Cc: fstests@vger.kernel.org
Subject: Re: [PATCH v2] generic/062: filter setfattr --restore symlink-safety warning
Date: Fri, 17 Jul 2026 17:22:11 +0800	[thread overview]
Message-ID: <alnu6gq9a1bJJF8b@zlang-mailbox> (raw)
In-Reply-To: <20260706191326.122555-1-avinesh.kumar@suse.com>

On Mon, Jul 06, 2026 at 09:13:26PM +0200, Avinesh Kumar wrote:
> From: Avinesh Kumar <avinesh.kumar@suse.com>
> 
> attr 2.6.0 (CVE-2026-54371 fix)[0] makes "setfattr --restore" warn when
> used without -P and the dump contains a symlink, which generic/062 does.
> The warning leaks into the compared output via the setfattr() wrapper
> and fails the test. Adding -P isn't portable (older attr doesn't have it),
> so filter the warning in the wrapper instead.
> 
> [0] https://cgit.git.savannah.nongnu.org/cgit/attr.git/commit/?id=3fb06b9ba314d37035d0877e6de313de754f1ac8

For generic/062, modifying the g/062 itself seems fine and logical, as
_extend_test_bed() explicitly introduces complex symlink paths for
testing purposes.

Have you run xfstests on XFS with attr 2.6.0? There are quite a few
setfattr --restore invocations in common/populate. If those also trigger
the new unsafe restore warnings, we might want to consider introducing
a helper function, such as _setfattr or _setfattr_restore to handle to
-h and -P things.

Reviewed-by: Zorro Lang <zlang@kernel.org>

> 
> Signed-off-by: Avinesh Kumar <avinesh.kumar@suse.com>
> ---
>  tests/generic/062 | 7 ++++++-
>  1 file changed, 6 insertions(+), 1 deletion(-)
> 
> diff --git a/tests/generic/062 b/tests/generic/062
> index 89659040..ddf0a478 100755
> --- a/tests/generic/062
> +++ b/tests/generic/062
> @@ -30,7 +30,12 @@ getfattr()
>  
>  setfattr()
>  {
> -    $SETFATTR_PROG $@ 2>&1 | _filter_scratch
> +    # attr >= 2.6.0 (CVE-2026-54371 fix) warns that "setfattr --restore" without
> +    # -P/--physical is unsafe because it can traverse symlinks. Older attr does
> +    # not accept -P, so just filter the warning to stay version-agnostic.
> +    $SETFATTR_PROG $@ 2>&1 | \
> +        sed -e '/^Warning: option --restore=file is unsafe without option/d' | \
> +        _filter_scratch
>  }
>  
>  _create_test_bed()
> -- 
> 2.54.0
> 

  reply	other threads:[~2026-07-17  9:22 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-07-06  6:11 [PATCH] generic/062: filter setfattr --restore symlink-safety warning Avinesh Kumar
2026-07-06 19:13 ` [PATCH v2] " Avinesh Kumar
2026-07-17  9:22   ` Zorro Lang [this message]
2026-07-17 12:04     ` Avinesh Kumar
2026-07-17 17:10       ` Zorro Lang

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=alnu6gq9a1bJJF8b@zlang-mailbox \
    --to=zlang@kernel.org \
    --cc=avinesh.kumar@suse.com \
    --cc=fstests@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.