lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Thu, 5 Aug 2021 11:56:18 +0200
From:   Jan Kara <jack@...e.cz>
To:     Gabriel Krisman Bertazi <krisman@...labora.com>
Cc:     jack@...e.com, amir73il@...il.com, djwong@...nel.org,
        tytso@....edu, david@...morbit.com, dhowells@...hat.com,
        khazhy@...gle.com, linux-fsdevel@...r.kernel.org,
        linux-ext4@...r.kernel.org, linux-api@...r.kernel.org,
        kernel@...labora.com
Subject: Re: [PATCH v5 14/23] fanotify: Encode invalid file handler when no
 inode is provided

On Wed 04-08-21 12:06:03, Gabriel Krisman Bertazi wrote:
> Instead of failing, encode an invalid file handler in fanotify_encode_fh
> if no inode is provided.  This bogus file handler will be reported by
> FAN_FS_ERROR for non-inode errors.
> 
> Also adjust the single caller that might rely on failure after passing
> an empty inode.

It is not 'file handler' but rather 'file handle' - several times in the
changelog and in subject :).

> Suggested-by: Amir Goldstein <amir73il@...il.com>
> Signed-off-by: Gabriel Krisman Bertazi <krisman@...labora.com>
> ---
>  fs/notify/fanotify/fanotify.c | 39 ++++++++++++++++++++---------------
>  fs/notify/fanotify/fanotify.h |  6 ++++--
>  2 files changed, 26 insertions(+), 19 deletions(-)
> 
> diff --git a/fs/notify/fanotify/fanotify.c b/fs/notify/fanotify/fanotify.c
> index 0d6ba218bc01..456c60107d88 100644
> --- a/fs/notify/fanotify/fanotify.c
> +++ b/fs/notify/fanotify/fanotify.c
> @@ -349,12 +349,6 @@ static int fanotify_encode_fh(struct fanotify_fh *fh, struct inode *inode,
>  	void *buf = fh->buf;
>  	int err;
>  
> -	fh->type = FILEID_ROOT;
> -	fh->len = 0;
> -	fh->flags = 0;
> -	if (!inode)
> -		return 0;
> -

I'd keep the fh->flags initialization here. Otherwise it will not be
initialized on some error returns.

> @@ -363,8 +357,9 @@ static int fanotify_encode_fh(struct fanotify_fh *fh, struct inode *inode,
>  	if (fh_len < 4 || WARN_ON_ONCE(fh_len % 4))
>  		goto out_err;
>  
> -	/* No external buffer in a variable size allocated fh */
> -	if (gfp && fh_len > FANOTIFY_INLINE_FH_LEN) {
> +	fh->flags = 0;
> +	/* No external buffer in a variable size allocated fh or null fh */
> +	if (inode && gfp && fh_len > FANOTIFY_INLINE_FH_LEN) {
>  		/* Treat failure to allocate fh as failure to encode fh */
>  		err = -ENOMEM;
>  		ext_buf = kmalloc(fh_len, gfp);
> @@ -376,14 +371,24 @@ static int fanotify_encode_fh(struct fanotify_fh *fh, struct inode *inode,
>  		fh->flags |= FANOTIFY_FH_FLAG_EXT_BUF;
>  	}
>  
> -	dwords = fh_len >> 2;
> -	type = exportfs_encode_inode_fh(inode, buf, &dwords, NULL);
> -	err = -EINVAL;
> -	if (!type || type == FILEID_INVALID || fh_len != dwords << 2)
> -		goto out_err;
> -
> -	fh->type = type;
> -	fh->len = fh_len;
> +	if (inode) {
> +		dwords = fh_len >> 2;
> +		type = exportfs_encode_inode_fh(inode, buf, &dwords, NULL);
> +		err = -EINVAL;
> +		if (!type || type == FILEID_INVALID || fh_len != dwords << 2)
> +			goto out_err;
> +		fh->type = type;
> +		fh->len = fh_len;
> +	} else {
> +		/*
> +		 * Invalid FHs are used on FAN_FS_ERROR for errors not
> +		 * linked to any inode. Caller needs to guarantee the fh
> +		 * has at least FANOTIFY_NULL_FH_LEN bytes of space.
> +		 */
> +		fh->type = FILEID_INVALID;
> +		fh->len = FANOTIFY_NULL_FH_LEN;
> +		memset(buf, 0, FANOTIFY_NULL_FH_LEN);
> +	}

Maybe it will become clearer later during the series but why do you set
fh->len to FANOTIFY_NULL_FH_LEN and not 0?

								Honza
-- 
Jan Kara <jack@...e.com>
SUSE Labs, CR

Powered by blists - more mailing lists