From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from sequoia-grove.ad.secure-endpoints.com (sequoia-grove.ad.secure-endpoints.com [208.125.0.235]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6EA127F for ; Sun, 3 Mar 2024 04:40:17 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=208.125.0.235 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709440819; cv=none; b=H+U74lfCwvhDzTXTJVYWEaZklz4z58kqw1+81d8v2OPz9gIr9ld86zvVFupQE4ROPq4pdTPfGkmtr+JHf+x4eQexk3b8sHECGyedI5bzqVX25ENutOcd8IB2a0NVuNT4xnKUIHrVX7apqjjkry/YR5lDYwFNGPgIVQ0Mg3EVz3Y= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709440819; c=relaxed/simple; bh=FvXZT3aP0YJuyc5mq7uVkvwzJ66FUPvvfrtvSLCcv/0=; h=Message-ID:Date:MIME-Version:Subject:To:Cc:References:From: In-Reply-To:Content-Type; b=ifjyNbjR1SEzSQ9ATfWB1nw4GviwsHBEOhYl4cx7I3HpQAbgYSgdVT9DgWUUV6pCZ9ze6otlLKupF0iFKQVLKR0Xex2FXAFXYOUqwD6o+BY8/MO3/Wq2Y+OKIAklucA1gq7G7eKgZaEtpNSRvj1UmVpO9YZY77onGby2jEy+vAU= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=auristor.com; spf=pass smtp.mailfrom=auristor.com; dkim=pass (1024-bit key) header.d=auristor.com header.i=jaltman@auristor.com header.b=J/XWLOGr; arc=none smtp.client-ip=208.125.0.235 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=auristor.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=auristor.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=auristor.com header.i=jaltman@auristor.com header.b="J/XWLOGr" DKIM-Signature: v=1; a=rsa-sha256; c=simple/relaxed; d=auristor.com; s=MDaemon; r=y; t=1709440344; x=1710045144; i=jaltman@auristor.com; q=dns/txt; h=Message-ID:Date: MIME-Version:User-Agent:Subject:To:Cc:References: Content-Language:From:Organization:In-Reply-To:Content-Type; bh=Tfppcvk/trxUNCOEYE+khfCTNvI1PYi5jvhZkUpEovo=; b=J/XWLOGrVXc44 5pZ55Y7Cd09tszcw23ZXRAx6tSwHNblSNpoN6X6tQzisAdusEf9zxI1kh/g3ZUUU 9HfTuI3E73ll/BO/zUeU3c2SSk8NxN3FQHfvd0KpsYK1Q5Qd4OACafP4hQj44/L9 jQd+BriYlsw3TxIioHysvd+5XB+ZoY= X-MDAV-Result: clean X-MDAV-Processed: sequoia-grove.ad.secure-endpoints.com, Sat, 02 Mar 2024 23:32:24 -0500 Received: from [IPV6:2603:7000:73c:bb00:4852:92b1:dedf:53d7] by auristor.com (IPv6:2001:470:1f07:f77:28d9:68fb:855d:c2a5) (MDaemon PRO v23.5.3a) with ESMTPSA id md5001003817062.msg; Sat, 02 Mar 2024 23:32:22 -0500 X-Spam-Processed: sequoia-grove.ad.secure-endpoints.com, Sat, 02 Mar 2024 23:32:22 -0500 (not processed: message from trusted or authenticated source) X-MDRemoteIP: 2603:7000:73c:bb00:4852:92b1:dedf:53d7 X-MDHelo: [IPV6:2603:7000:73c:bb00:4852:92b1:dedf:53d7] X-MDArrival-Date: Sat, 02 Mar 2024 23:32:22 -0500 X-MDOrigin-Country: US, NA X-Authenticated-Sender: jaltman@auristor.com X-Return-Path: prvs=1792303f1e=jaltman@auristor.com X-Envelope-From: jaltman@auristor.com X-MDaemon-Deliver-To: patches@lists.linux.dev Message-ID: <03aa52e3-7ab9-484e-9ad2-b03938d2019b@auristor.com> Date: Sat, 2 Mar 2024 23:32:04 -0500 Precedence: bulk X-Mailing-List: patches@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH 5.4 032/267] afs: Hide silly-rename files from userspace To: Greg Kroah-Hartman , stable@vger.kernel.org Cc: patches@lists.linux.dev, David Howells , Marc Dionne , linux-afs@lists.infradead.org, Sasha Levin References: <20240221125940.058369148@linuxfoundation.org> <20240221125941.044302264@linuxfoundation.org> Content-Language: en-US From: Jeffrey E Altman Organization: AuriStor, Inc. In-Reply-To: <20240221125941.044302264@linuxfoundation.org> Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha-256; boundary="------------ms030606090609000403070803" X-MDCFSigsAdded: auristor.com This is a cryptographically signed message in MIME format. --------------ms030606090609000403070803 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Greg, If its not too late it would be best not to backport this change to 6.7, 6.6, 6.1, 5.15, 5.10, and 5.4. This change can result in an infinite loop in directory parsing and the fix for that has yet to be merged by Linus. Sorry for the additional work. Thank you. Jeffrey Altman On 2/21/2024 8:06 AM, Greg Kroah-Hartman wrote: > 5.4-stable review patch. If anyone has any objections, please let me know. > > ------------------ > > From: David Howells > > [ Upstream commit 57e9d49c54528c49b8bffe6d99d782ea051ea534 ] > > There appears to be a race between silly-rename files being created/removed > and various userspace tools iterating over the contents of a directory, > leading to such errors as: > > find: './kernel/.tmp_cpio_dir/include/dt-bindings/reset/.__afs2080': No such file or directory > tar: ./include/linux/greybus/.__afs3C95: File removed before we read it > > when building a kernel. > > Fix afs_readdir() so that it doesn't return .__afsXXXX silly-rename files > to userspace. This doesn't stop them being looked up directly by name as > we need to be able to look them up from within the kernel as part of the > silly-rename algorithm. > > Fixes: 79ddbfa500b3 ("afs: Implement sillyrename for unlink and rename") > Signed-off-by: David Howells > cc: Marc Dionne > cc: linux-afs@lists.infradead.org > Signed-off-by: Sasha Levin > --- > fs/afs/dir.c | 8 ++++++++ > 1 file changed, 8 insertions(+) > > diff --git a/fs/afs/dir.c b/fs/afs/dir.c > index 43f5b972fcea..8bed9df09230 100644 > --- a/fs/afs/dir.c > +++ b/fs/afs/dir.c > @@ -421,6 +421,14 @@ static int afs_dir_iterate_block(struct afs_vnode *dvnode, > continue; > } > > + /* Don't expose silly rename entries to userspace. */ > + if (nlen > 6 && > + dire->u.name[0] == '.' && > + ctx->actor != afs_lookup_filldir && > + ctx->actor != afs_lookup_one_filldir && > + memcmp(dire->u.name, ".__afs", 6) == 0) > + continue; > + > /* found the next entry */ > if (!dir_emit(ctx, dire->u.name, nlen, > ntohl(dire->u.vnode), --------------ms030606090609000403070803 Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgEFADCABgkqhkiG9w0BBwEAAKCC DHEwggXSMIIEuqADAgECAhBAAYJpmi/rPn/F0fJyDlzMMA0GCSqGSIb3DQEBCwUAMDoxCzAJ BgNVBAYTAlVTMRIwEAYDVQQKEwlJZGVuVHJ1c3QxFzAVBgNVBAMTDlRydXN0SUQgQ0EgQTEz MB4XDTIyMDgwNDE2MDQ0OFoXDTI1MTAzMTE2MDM0OFowcDEvMC0GCgmSJomT8ixkAQETH0Ew MTQxMEQwMDAwMDE4MjY5OUEyRkQyMDAwMjMzQ0QxGTAXBgNVBAMTEEplZmZyZXkgRSBBbHRt YW4xFTATBgNVBAoTDEF1cmlTdG9yIEluYzELMAkGA1UEBhMCVVMwggEiMA0GCSqGSIb3DQEB AQUAA4IBDwAwggEKAoIBAQCkC7PKBBZnQqDKPtZPMLAy77zo2DPvwtGnd1hNjPvbXrpGxUb3 xHZRtv179LHKAOcsY2jIctzieMxf82OMyhpBziMPsFAG/ukihBMFj3/xEeZVso3K27pSAyyN fO/wJ0rX7G+ges22Dd7goZul8rPaTJBIxbZDuaykJMGpNq4PQ8VPcnYZx+6b+nJwJJoJ46kI EEfNh3UKvB/vM0qtxS690iAdgmQIhTl+qfXq4IxWB6b+3NeQxgR6KLU4P7v88/tvJTpxIKkg 9xj89ruzeThyRFd2DSe3vfdnq9+g4qJSHRXyTft6W3Lkp7UWTM4kMqOcc4VSRdufVKBQNXjG IcnhAgMBAAGjggKcMIICmDAOBgNVHQ8BAf8EBAMCBPAwgYQGCCsGAQUFBwEBBHgwdjAwBggr BgEFBQcwAYYkaHR0cDovL2NvbW1lcmNpYWwub2NzcC5pZGVudHJ1c3QuY29tMEIGCCsGAQUF BzAChjZodHRwOi8vdmFsaWRhdGlvbi5pZGVudHJ1c3QuY29tL2NlcnRzL3RydXN0aWRjYWEx My5wN2MwHwYDVR0jBBgwFoAULbfeG1l+KpguzeHUG+PFEBJe6RQwCQYDVR0TBAIwADCCASsG A1UdIASCASIwggEeMIIBGgYLYIZIAYb5LwAGAgEwggEJMEoGCCsGAQUFBwIBFj5odHRwczov L3NlY3VyZS5pZGVudHJ1c3QuY29tL2NlcnRpZmljYXRlcy9wb2xpY3kvdHMvaW5kZXguaHRt bDCBugYIKwYBBQUHAgIwga0MgapUaGlzIFRydXN0SUQgQ2VydGlmaWNhdGUgaGFzIGJlZW4g aXNzdWVkIGluIGFjY29yZGFuY2Ugd2l0aCBJZGVuVHJ1c3QncyBUcnVzdElEIENlcnRpZmlj YXRlIFBvbGljeSBmb3VuZCBhdCBodHRwczovL3NlY3VyZS5pZGVudHJ1c3QuY29tL2NlcnRp ZmljYXRlcy9wb2xpY3kvdHMvaW5kZXguaHRtbDBFBgNVHR8EPjA8MDqgOKA2hjRodHRwOi8v dmFsaWRhdGlvbi5pZGVudHJ1c3QuY29tL2NybC90cnVzdGlkY2FhMTMuY3JsMB8GA1UdEQQY MBaBFGphbHRtYW5AYXVyaXN0b3IuY29tMB0GA1UdDgQWBBQB+nzqgljLocLTsiUn2yWqEc2s gjAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwDQYJKoZIhvcNAQELBQADggEBAJwV eycprp8Ox1npiTyfwc5QaVaqtoe8Dcg2JXZc0h4DmYGW2rRLHp8YL43snEV93rPJVk6B2v4c WLeQfaMrnyNeEuvHx/2CT44cdLtaEk5zyqo3GYJYlLcRVz6EcSGHv1qPXgDT0xB/25etwGYq utYF4Chkxu4KzIpq90eDMw5ajkexw+8ARQz4N5+d6NRbmMCovd7wTGi8th/BZvz8hgKUiUJo Qle4wDxrdXdnIhCP7g87InXKefWgZBF4VX21t2+hkc04qrhIJlHrocPG9mRSnnk2WpsY0MXt a8ivbVKtfpY7uSNDZSKTDi1izEFH5oeQdYRkgIGb319a7FjslV8wggaXMIIEf6ADAgECAhBA AXA7OrqBjMk8rp4OuNQSMA0GCSqGSIb3DQEBCwUAMEoxCzAJBgNVBAYTAlVTMRIwEAYDVQQK EwlJZGVuVHJ1c3QxJzAlBgNVBAMTHklkZW5UcnVzdCBDb21tZXJjaWFsIFJvb3QgQ0EgMTAe Fw0yMDAyMTIyMTA3NDlaFw0zMDAyMTIyMTA3NDlaMDoxCzAJBgNVBAYTAlVTMRIwEAYDVQQK EwlJZGVuVHJ1c3QxFzAVBgNVBAMTDlRydXN0SUQgQ0EgQTEzMIIBIjANBgkqhkiG9w0BAQEF AAOCAQ8AMIIBCgKCAQEAu6sUO01SDD99PM+QdZkNxKxJNt0NgQE+Zt6ixaNP0JKSjTd+SG5L wqxBWjnOgI/3dlwgtSNeN77AgSs+rA4bK4GJ75cUZZANUXRKw/et8pf9Qn6iqgB63OdHxBN/ 15KbM3HR+PyiHXQoUVIevCKW8nnlWnnZabT1FejOhRRKVUg5HACGOTfnCOONrlxlg+m1Vjgn o1uNqNuLM/jkD1z6phNZ/G9IfZGI0ppHX5AA/bViWceX248VmefNhSR14ADZJtlAAWOi2un0 3bqrBPHA9nDyXxI8rgWLfUP5rDy8jx2hEItg95+ORF5wfkGUq787HBjspE86CcaduLka/Bk2 VwIDAQABo4IChzCCAoMwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwgYkG CCsGAQUFBwEBBH0wezAwBggrBgEFBQcwAYYkaHR0cDovL2NvbW1lcmNpYWwub2NzcC5pZGVu dHJ1c3QuY29tMEcGCCsGAQUFBzAChjtodHRwOi8vdmFsaWRhdGlvbi5pZGVudHJ1c3QuY29t L3Jvb3RzL2NvbW1lcmNpYWxyb290Y2ExLnA3YzAfBgNVHSMEGDAWgBTtRBnA0/AGi+6ke75C 5yZUyI42djCCASQGA1UdIASCARswggEXMIIBEwYEVR0gADCCAQkwSgYIKwYBBQUHAgEWPmh0 dHBzOi8vc2VjdXJlLmlkZW50cnVzdC5jb20vY2VydGlmaWNhdGVzL3BvbGljeS90cy9pbmRl eC5odG1sMIG6BggrBgEFBQcCAjCBrQyBqlRoaXMgVHJ1c3RJRCBDZXJ0aWZpY2F0ZSBoYXMg YmVlbiBpc3N1ZWQgaW4gYWNjb3JkYW5jZSB3aXRoIElkZW5UcnVzdCdzIFRydXN0SUQgQ2Vy dGlmaWNhdGUgUG9saWN5IGZvdW5kIGF0IGh0dHBzOi8vc2VjdXJlLmlkZW50cnVzdC5jb20v Y2VydGlmaWNhdGVzL3BvbGljeS90cy9pbmRleC5odG1sMEoGA1UdHwRDMEEwP6A9oDuGOWh0 dHA6Ly92YWxpZGF0aW9uLmlkZW50cnVzdC5jb20vY3JsL2NvbW1lcmNpYWxyb290Y2ExLmNy bDAdBgNVHQ4EFgQULbfeG1l+KpguzeHUG+PFEBJe6RQwHQYDVR0lBBYwFAYIKwYBBQUHAwIG CCsGAQUFBwMEMA0GCSqGSIb3DQEBCwUAA4ICAQB/7BKcygLX6Nl4a03cDHt7TLdPxCzFvDF2 bkVYCFTRX47UfeomF1gBPFDee3H/IPlLRmuTPoNt0qjdpfQzmDWN95jUXLdLPRToNxyaoB5s 0hOhcV6H08u3FHACBif55i0DTDzVSaBv0AZ9h1XeuGx4Fih1Vm3Xxz24GBqqVudvPRLyMJ7u 6hvBqTIKJ53uCs3dyQLZT9DXnp+kJv8y7ZSAY+QVrI/dysT8avtn8d7k7azNBkfnbRq+0e88 QoBnel6u+fpwbd5NLRHywXeH+phbzULCa+bLPRMqJaW2lbhvSWrMHRDy3/d8HvgnLCBFK2s4 Spns4YCN4xVcbqlGWzgolHCKUH39vpcsDo1ymZFrJ8QR6ihIn8FmJ5oKwAnnd/G6ADXFC9bu db9+532phSAXOZrrecIQn+vtP366PC+aClAPsIIDJDsotS5z4X2JUFsNIuEgXGqhiKE7SuZb rFG9sdcLprSlJN7TsRDc0W2b9nqwD+rj/5MN0C+eKwha+8ydv0+qzTyxPP90KRgaegGowC4d UsZyTk2n4Z3MuAHX5nAZL/Vh/SyDj/ajorV44yqZBzQ3ChKhXbfUSwe2xMmygA2Z5DRwMRJn p/BscizYdNk2WXJMTnH+wVLN8sLEwEtQR4eTLoFmQvrK2AMBS9kW5sBkMzINt/ZbbcZ3F+eA MDGCAxQwggMQAgEBME4wOjELMAkGA1UEBhMCVVMxEjAQBgNVBAoTCUlkZW5UcnVzdDEXMBUG A1UEAxMOVHJ1c3RJRCBDQSBBMTMCEEABgmmaL+s+f8XR8nIOXMwwDQYJYIZIAWUDBAIBBQCg ggGXMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTI0MDMwMzA0 MzIwNFowLwYJKoZIhvcNAQkEMSIEIK6VhGzZaovCcfnIY3g7T2xXqGpjTTsmZ5DMn0nAzxT/ MF0GCSsGAQQBgjcQBDFQME4wOjELMAkGA1UEBhMCVVMxEjAQBgNVBAoTCUlkZW5UcnVzdDEX MBUGA1UEAxMOVHJ1c3RJRCBDQSBBMTMCEEABgmmaL+s+f8XR8nIOXMwwXwYLKoZIhvcNAQkQ AgsxUKBOMDoxCzAJBgNVBAYTAlVTMRIwEAYDVQQKEwlJZGVuVHJ1c3QxFzAVBgNVBAMTDlRy dXN0SUQgQ0EgQTEzAhBAAYJpmi/rPn/F0fJyDlzMMGwGCSqGSIb3DQEJDzFfMF0wCwYJYIZI AWUDBAEqMAsGCWCGSAFlAwQBAjAKBggqhkiG9w0DBzAOBggqhkiG9w0DAgICAIAwDQYIKoZI hvcNAwICAUAwBwYFKw4DAgcwDQYIKoZIhvcNAwICASgwDQYJKoZIhvcNAQEBBQAEggEAXrvl RmDpvsrcaMjB5IaIcqlUzs1pb5WTW3yxx/rVdjUFPX/rPzz/nofE7HmtS2ya6Qg0N4xr14Sx UkVZocz1MejRof3ynj8ZEt3cgiyWFxjJsiXJl46zvEqJvnSrYsB6AgUXpI+vxwmbsz3oNxru SzHq2D+UwFBThy84YOzCOK0izcZvVrnLsqaidRW/dgOlA3Wt6D5F9CrRzCgFhfs/hU/faII7 v8gouRz2AjbB4FM26ibJPkdSmYB4dpqnWHc9P3FQnSq8JBMBT25PgqcGqRFPDen+ksWod34q R1ElNtei1/JoU4b6Jozi0TdR0S5wWWKnVGtPv5lV+YddO20wpQAAAAAAAA== --------------ms030606090609000403070803--