diff mbox series

[2/2] afs: Fix afs_listxattr() to not list afs ACL special xattrs

Message ID 161547183017.1868820.15107551878060916410.stgit@warthog.procyon.org.uk (mailing list archive)
State New
Headers show
Series AFS metadata xattr fixes | expand

Commit Message

David Howells March 11, 2021, 2:10 p.m. UTC
afs_listxattr() lists all the available special afs xattrs (i.e. those in
the "afs.*" space), no matter what type of server we're dealing with.  But
OpenAFS servers, for example, cannot deal with some of the extra-capable
attributes that AuriStor (YFS) servers provide.  Unfortunately, the
presence of the afs.yfs.* attributes causes errors[1] for anything that
tries to read them if the server is of the wrong type.

Fix afs_listxattr() so that it doesn't list any of the AFS ACL xattrs.  It
does mean, however, that getfattr won't list them, though they can still be
accessed with getxattr() and setxattr().

This can be tested with something like:

	getfattr -d -m ".*" /afs/example.com/path/to/file

With this change, none of the afs.* ACL attributes should be visible.

Fixes: ae46578b963f ("afs: Get YFS ACLs and information through xattrs")
Reported-by: Gaja Sophie Peters <gaja.peters@math.uni-hamburg.de>
Signed-off-by: David Howells <dhowells@redhat.com>
Tested-by: Gaja Sophie Peters <gaja.peters@math.uni-hamburg.de>
cc: linux-afs@lists.infradead.org
Link: http://lists.infradead.org/pipermail/linux-afs/2021-March/003502.html [1]
---

 fs/afs/xattr.c |    7 +------
 1 file changed, 1 insertion(+), 6 deletions(-)

Comments

Marc Dionne March 11, 2021, 6:59 p.m. UTC | #1
On Thu, Mar 11, 2021 at 10:10 AM David Howells <dhowells@redhat.com> wrote:
>
> afs_listxattr() lists all the available special afs xattrs (i.e. those in
> the "afs.*" space), no matter what type of server we're dealing with.  But
> OpenAFS servers, for example, cannot deal with some of the extra-capable
> attributes that AuriStor (YFS) servers provide.  Unfortunately, the
> presence of the afs.yfs.* attributes causes errors[1] for anything that
> tries to read them if the server is of the wrong type.
>
> Fix afs_listxattr() so that it doesn't list any of the AFS ACL xattrs.  It
> does mean, however, that getfattr won't list them, though they can still be
> accessed with getxattr() and setxattr().
>
> This can be tested with something like:
>
>         getfattr -d -m ".*" /afs/example.com/path/to/file
>
> With this change, none of the afs.* ACL attributes should be visible.
>
> Fixes: ae46578b963f ("afs: Get YFS ACLs and information through xattrs")
> Reported-by: Gaja Sophie Peters <gaja.peters@math.uni-hamburg.de>
> Signed-off-by: David Howells <dhowells@redhat.com>
> Tested-by: Gaja Sophie Peters <gaja.peters@math.uni-hamburg.de>
> cc: linux-afs@lists.infradead.org
> Link: http://lists.infradead.org/pipermail/linux-afs/2021-March/003502.html [1]
> ---
>
>  fs/afs/xattr.c |    7 +------
>  1 file changed, 1 insertion(+), 6 deletions(-)
>
> diff --git a/fs/afs/xattr.c b/fs/afs/xattr.c
> index 4934e325a14a..81a6aec764cc 100644
> --- a/fs/afs/xattr.c
> +++ b/fs/afs/xattr.c
> @@ -12,14 +12,9 @@
>  #include "internal.h"
>
>  static const char afs_xattr_list[] =
> -       "afs.acl\0"
>         "afs.cell\0"
>         "afs.fid\0"
> -       "afs.volume\0"
> -       "afs.yfs.acl\0"
> -       "afs.yfs.acl_inherited\0"
> -       "afs.yfs.acl_num_cleaned\0"
> -       "afs.yfs.vol_acl";
> +       "afs.volume";
>
>  /*
>   * Retrieve a list of the supported xattrs.

As Jeffrey suggested, you may want to consider not exposing any of
them, but this seems fine to me.

Besides the reasons you mention, acls getting copied blindly is not a
good idea.  The source and target may be in different cells where
users and groups mean different things.  For files, it may switch them
from inheriting permissions from their parent to having their own ACL,
etc.

Reviewed-by: Marc Dionne <marc.dionne@auristor.com>

Marc
diff mbox series

Patch

diff --git a/fs/afs/xattr.c b/fs/afs/xattr.c
index 4934e325a14a..81a6aec764cc 100644
--- a/fs/afs/xattr.c
+++ b/fs/afs/xattr.c
@@ -12,14 +12,9 @@ 
 #include "internal.h"
 
 static const char afs_xattr_list[] =
-	"afs.acl\0"
 	"afs.cell\0"
 	"afs.fid\0"
-	"afs.volume\0"
-	"afs.yfs.acl\0"
-	"afs.yfs.acl_inherited\0"
-	"afs.yfs.acl_num_cleaned\0"
-	"afs.yfs.vol_acl";
+	"afs.volume";
 
 /*
  * Retrieve a list of the supported xattrs.