From: Anand Jain <anand.jain@oracle.com>
To: Goldwyn Rodrigues <rgoldwyn@suse.de>, linux-btrfs@vger.kernel.org
Cc: fdmanana@kernel.org
Subject: Re: [PATCH v2] btrfs: Check if root is readonly while setting security xattr
Date: Thu, 18 Aug 2022 11:42:28 +0800 [thread overview]
Message-ID: <3d566dd4-8239-a39c-01ab-45c1e9300a1b@oracle.com> (raw)
In-Reply-To: <20220816214256.t5ikj7pyqe6l6qgn@fiona>
On 8/17/22 05:42, Goldwyn Rodrigues wrote:
> For a filesystem which has btrfs read-only property set to true, all
> write operations including xattr should be denied. However, security
> xattr can still be changed even if btrfs ro property is true.
>
> This happens because xattr_permission() does not have any restrictions
> on security.*, system.* and in some cases trusted.* from VFS and
> the decision is left to the underlying filesystem. See comments in
> xattr_permission() for more details.
>
> This patch checks if the root is read-only before performing the set
> xattr operation.
>
Now we match to the mount -o ro behaviour.
Reviewed-by: Anand Jain <anand.jain@oracle.com>
Thanks.
> Testcase:
>
> #!/bin/bash
>
> DEV=/dev/vdb
> MNT=/mnt
>
> mkfs.btrfs -f $DEV
> mount $DEV $MNT
> echo "file one" > $MNT/f1
>
> setfattr -n "security.one" -v 2 $MNT/f1
> btrfs property set /mnt ro true
>
> # Following statement should fail
> setfattr -n "security.one" -v 1 $MNT/f1
>
> umount $MNT
>
> Signed-off-by: Goldwyn Rodrigues <rgoldwyn@suse.com>
> Reviewed-by: Qu Wenruo <wqu@suse.com>
>
>
> diff --git a/fs/btrfs/xattr.c b/fs/btrfs/xattr.c
> index 7421abcf325a..5bb8d8c86311 100644
> --- a/fs/btrfs/xattr.c
> +++ b/fs/btrfs/xattr.c
> @@ -371,6 +371,9 @@ static int btrfs_xattr_handler_set(const struct xattr_handler *handler,
> const char *name, const void *buffer,
> size_t size, int flags)
> {
> + if (btrfs_root_readonly(BTRFS_I(inode)->root))
> + return -EROFS;
> +
> name = xattr_full_name(handler, name);
> return btrfs_setxattr_trans(inode, name, buffer, size, flags);
> }
>
prev parent reply other threads:[~2022-08-18 3:42 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-08-16 21:42 [PATCH v2] btrfs: Check if root is readonly while setting security xattr Goldwyn Rodrigues
2022-08-17 10:58 ` Filipe Manana
2022-08-17 14:39 ` David Sterba
2022-08-18 3:42 ` Anand Jain [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3d566dd4-8239-a39c-01ab-45c1e9300a1b@oracle.com \
--to=anand.jain@oracle.com \
--cc=fdmanana@kernel.org \
--cc=linux-btrfs@vger.kernel.org \
--cc=rgoldwyn@suse.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox