| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 13 Apr 2024 17:34:31 -0700
From: Danny Lin <danny@...stack.dev>
To: danny@...stack.dev
Cc: stable@...r.kernel.org,
Miklos Szeredi <miklos@...redi.hu>,
linux-fsdevel@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: [PATCH] fuse: fix leaked ENOSYS error on first statx call
FUSE attempts to detect server support for statx by trying it once and
setting no_statx=1 if it fails with ENOSYS, but consider the following
scenario:
- Userspace (e.g. sh) calls stat() on a file
* succeeds
- Userspace (e.g. lsd) calls statx(BTIME) on the same file
- request_mask = STATX_BASIC_STATS | STATX_BTIME
- first pass: sync=true due to differing cache_mask
- statx fails and returns ENOSYS
- set no_statx and retry
- retry sets mask = STATX_BASIC_STATS
- now mask == cache_mask; sync=false (time_before: still valid)
- so we take the "else if (stat)" path
- "err" is still ENOSYS from the failed statx call
Fix this by zeroing "err" before retrying the failed call.
Fixes: d3045530bdd2 ("fuse: implement statx")
Cc: stable@...r.kernel.org # v6.6
Signed-off-by: Danny Lin <danny@...stack.dev>
---
fs/fuse/dir.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c
index de452cdbf3cf..a63125ce70a4 100644
--- a/fs/fuse/dir.c
+++ b/fs/fuse/dir.c
@@ -1362,6 +1362,7 @@ static int fuse_update_get_attr(struct inode *inode, struct file *file,
err = fuse_do_statx(inode, file, stat);
if (err == -ENOSYS) {
fc->no_statx = 1;
+ err = 0;
goto retry;
}
} else {
--
2.44.0
Powered by blists - more mailing lists