lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <161547183017.1868820.15107551878060916410.stgit@warthog.procyon.org.uk>
Date:   Thu, 11 Mar 2021 14:10:30 +0000
From:   David Howells <dhowells@...hat.com>
To:     linux-afs@...ts.infradead.org
Cc:     Gaja Sophie Peters <gaja.peters@...h.uni-hamburg.de>,
        Gaja Sophie Peters <gaja.peters@...h.uni-hamburg.de>,
        dhowells@...hat.com,
        Gaja Sophie Peters <gaja.peters@...h.uni-hamburg.de>,
        linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: [PATCH 2/2] afs: Fix afs_listxattr() to not list afs ACL special
 xattrs

afs_listxattr() lists all the available special afs xattrs (i.e. those in
the "afs.*" space), no matter what type of server we're dealing with.  But
OpenAFS servers, for example, cannot deal with some of the extra-capable
attributes that AuriStor (YFS) servers provide.  Unfortunately, the
presence of the afs.yfs.* attributes causes errors[1] for anything that
tries to read them if the server is of the wrong type.

Fix afs_listxattr() so that it doesn't list any of the AFS ACL xattrs.  It
does mean, however, that getfattr won't list them, though they can still be
accessed with getxattr() and setxattr().

This can be tested with something like:

	getfattr -d -m ".*" /afs/example.com/path/to/file

With this change, none of the afs.* ACL attributes should be visible.

Fixes: ae46578b963f ("afs: Get YFS ACLs and information through xattrs")
Reported-by: Gaja Sophie Peters <gaja.peters@...h.uni-hamburg.de>
Signed-off-by: David Howells <dhowells@...hat.com>
Tested-by: Gaja Sophie Peters <gaja.peters@...h.uni-hamburg.de>
cc: linux-afs@...ts.infradead.org
Link: http://lists.infradead.org/pipermail/linux-afs/2021-March/003502.html [1]
---

 fs/afs/xattr.c |    7 +------
 1 file changed, 1 insertion(+), 6 deletions(-)

diff --git a/fs/afs/xattr.c b/fs/afs/xattr.c
index 4934e325a14a..81a6aec764cc 100644
--- a/fs/afs/xattr.c
+++ b/fs/afs/xattr.c
@@ -12,14 +12,9 @@
 #include "internal.h"
 
 static const char afs_xattr_list[] =
-	"afs.acl\0"
 	"afs.cell\0"
 	"afs.fid\0"
-	"afs.volume\0"
-	"afs.yfs.acl\0"
-	"afs.yfs.acl_inherited\0"
-	"afs.yfs.acl_num_cleaned\0"
-	"afs.yfs.vol_acl";
+	"afs.volume";
 
 /*
  * Retrieve a list of the supported xattrs.


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ