lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <2932437.1615829093@warthog.procyon.org.uk>
Date:   Mon, 15 Mar 2021 17:24:53 +0000
From:   David Howells <dhowells@...hat.com>
To:     torvalds@...ux-foundation.org
cc:     dhowells@...hat.com,
        Gaja Sophie Peters <gaja.peters@...h.uni-hamburg.de>,
        Jeffrey Altman <jaltman@...istor.com>,
        Marc Dionne <marc.dionne@...istor.com>,
        linux-afs@...ts.infradead.org, linux-fsdevel@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: [GIT PULL] afs: Fix oops and confusion from metadata xattrs

Hi Linus,

Can you pull these two fixes to the afs filesystem please?

 (1) Fix an oops in AFS that can be triggered by accessing one of the
     afs.yfs.* xattrs against an OpenAFS server - for instance by "cp
     -a"[1], "rsync -X" or getfattr[2].  These try and copy all of the
     xattrs.

     cp and rsync should pay attention to the list in /etc/xattr.conf, but
     cp doesn't on Ubuntu and rsync doesn't seem to on Ubuntu or Fedora.
     xattr.conf has been modified upstream[3], and a new version has just
     been cut that includes it.  I've logged a bug against rsync for the
     problem there[4].

 (2) Stop listing "afs.*" xattrs[6], particularly ACL ones[8] so that they
     don't confuse cp and rsync.  This removes them from the list returned
     by listxattr(), but they're still available to get/set.

Changes:
ver #2:
 - Hide all of the afs.* xattrs, not just the ACL ones[7].

David

Link: http://lists.infradead.org/pipermail/linux-afs/2021-March/003498.html [1]
Link: http://lists.infradead.org/pipermail/linux-afs/2021-March/003501.html [2]
Link: https://git.savannah.nongnu.org/cgit/attr.git/commit/?id=74da517cc655a82ded715dea7245ce88ebc91b98 [3]
Link: https://github.com/WayneD/rsync/issues/163 [4]
Link: http://lists.infradead.org/pipermail/linux-afs/2021-March/003516.html [5]
Link: http://lists.infradead.org/pipermail/linux-afs/2021-March/003524.html [6]
Link: http://lists.infradead.org/pipermail/linux-afs/2021-March/003565.html # v1
Link: http://lists.infradead.org/pipermail/linux-afs/2021-March/003568.html [7]
Link: http://lists.infradead.org/pipermail/linux-afs/2021-March/003570.html [8]
Link: http://lists.infradead.org/pipermail/linux-afs/2021-March/003571.html # v2
---
The following changes since commit a38fd8748464831584a19438cbb3082b5a2dab15:

  Linux 5.12-rc2 (2021-03-05 17:33:41 -0800)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git tags/afs-fixes-20210315

for you to fetch changes up to a7889c6320b9200e3fe415238f546db677310fa9:

  afs: Stop listxattr() from listing "afs.*" attributes (2021-03-15 17:09:54 +0000)

----------------------------------------------------------------
AFS fixes

----------------------------------------------------------------
David Howells (2):
      afs: Fix accessing YFS xattrs on a non-YFS server
      afs: Stop listxattr() from listing "afs.*" attributes

 fs/afs/dir.c          |  1 -
 fs/afs/file.c         |  1 -
 fs/afs/fs_operation.c |  7 +++++--
 fs/afs/inode.c        |  1 -
 fs/afs/internal.h     |  1 -
 fs/afs/mntpt.c        |  1 -
 fs/afs/xattr.c        | 31 +++++++------------------------
 7 files changed, 12 insertions(+), 31 deletions(-)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ