From: "Darrick J. Wong" <djwong@kernel.org>
To: djwong@kernel.org
Cc: linux-xfs@vger.kernel.org
Subject: [PATCH 1/4] xfs: hide private inodes from bulkstat and handle functions
Date: Mon, 26 Feb 2024 18:24:46 -0800 [thread overview]
Message-ID: <170900012232.938660.16382530364290848736.stgit@frogsfrogsfrogs> (raw)
In-Reply-To: <170900012206.938660.3603038404932438747.stgit@frogsfrogsfrogs>
From: Darrick J. Wong <djwong@kernel.org>
We're about to start adding functionality that uses internal inodes that
are private to XFS. What this means is that userspace should never be
able to access any information about these files, and should not be able
to open these files by handle. Callers are not allowed to link these
files into the directory tree, which should suffice to make these
private inodes actually private.
Signed-off-by: Darrick J. Wong <djwong@kernel.org>
---
fs/xfs/xfs_export.c | 2 +-
fs/xfs/xfs_itable.c | 8 ++++++++
2 files changed, 9 insertions(+), 1 deletion(-)
diff --git a/fs/xfs/xfs_export.c b/fs/xfs/xfs_export.c
index 7cd09c3a82cb5..4b03221351c0f 100644
--- a/fs/xfs/xfs_export.c
+++ b/fs/xfs/xfs_export.c
@@ -160,7 +160,7 @@ xfs_nfs_get_inode(
}
}
- if (VFS_I(ip)->i_generation != generation) {
+ if (VFS_I(ip)->i_generation != generation || IS_PRIVATE(VFS_I(ip))) {
xfs_irele(ip);
return ERR_PTR(-ESTALE);
}
diff --git a/fs/xfs/xfs_itable.c b/fs/xfs/xfs_itable.c
index 14462614fcc8d..4610660f267e6 100644
--- a/fs/xfs/xfs_itable.c
+++ b/fs/xfs/xfs_itable.c
@@ -97,6 +97,14 @@ xfs_bulkstat_one_int(
vfsuid = i_uid_into_vfsuid(idmap, inode);
vfsgid = i_gid_into_vfsgid(idmap, inode);
+ /* If this is a private inode, don't leak its details to userspace. */
+ if (IS_PRIVATE(inode)) {
+ xfs_iunlock(ip, XFS_ILOCK_SHARED);
+ xfs_irele(ip);
+ error = -EINVAL;
+ goto out_advance;
+ }
+
/* xfs_iget returns the following without needing
* further change.
*/
next prev parent reply other threads:[~2024-02-27 2:24 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-02-27 2:18 [PATCHSET v29.4 04/13] xfs: create temporary files for online repair Darrick J. Wong
2024-02-27 2:24 ` Darrick J. Wong [this message]
2024-02-27 18:15 ` [PATCH 1/4] xfs: hide private inodes from bulkstat and handle functions Christoph Hellwig
2024-02-28 16:52 ` Darrick J. Wong
2024-02-28 17:02 ` Christoph Hellwig
2024-02-28 17:33 ` Darrick J. Wong
2024-02-28 17:39 ` Christoph Hellwig
2024-02-27 2:25 ` [PATCH 2/4] xfs: create temporary files and directories for online repair Darrick J. Wong
2024-02-27 18:16 ` Christoph Hellwig
2024-02-27 2:25 ` [PATCH 3/4] xfs: refactor live buffer invalidation for repairs Darrick J. Wong
2024-02-27 18:16 ` Christoph Hellwig
2024-02-27 2:25 ` [PATCH 4/4] xfs: add the ability to reap entire inode forks Darrick J. Wong
2024-02-27 18:16 ` Christoph Hellwig
-- strict thread matches above, loose matches on Subject: below --
2024-04-15 23:34 [PATCHSET v30.3 04/16] xfs: create temporary files for online repair Darrick J. Wong
2024-04-15 23:44 ` [PATCH 1/4] xfs: hide private inodes from bulkstat and handle functions Darrick J. Wong
2024-03-27 1:47 [PATCHSET v30.1 05/15] xfs: create temporary files for online repair Darrick J. Wong
2024-03-27 1:57 ` [PATCH 1/4] xfs: hide private inodes from bulkstat and handle functions Darrick J. Wong
2024-03-27 11:12 ` Christoph Hellwig
2023-12-31 19:29 [PATCHSET v29.0 17/28] xfs: create temporary files for online repair Darrick J. Wong
2023-12-31 20:31 ` [PATCH 1/4] xfs: hide private inodes from bulkstat and handle functions Darrick J. Wong
2023-05-26 0:34 [PATCHSET v25.0 0/4] xfs: create temporary files for online repair Darrick J. Wong
2023-05-26 1:28 ` [PATCH 1/4] xfs: hide private inodes from bulkstat and handle functions Darrick J. Wong
2022-12-30 22:14 [PATCHSET v24.0 0/4] xfs: create temporary files for online repair Darrick J. Wong
2022-12-30 22:14 ` [PATCH 1/4] xfs: hide private inodes from bulkstat and handle functions Darrick J. Wong
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=170900012232.938660.16382530364290848736.stgit@frogsfrogsfrogs \
--to=djwong@kernel.org \
--cc=linux-xfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.