[25/31] xfs: actually check the fsid of a handle

Message ID 171323028194.251715.15160167066761168436.stgit@frogsfrogsfrogs (mailing list archive)
State New
Series [01/31] xfs: rearrange xfs_attr_match parameters

Commit Message

Darrick J. Wong April 16, 2024, 1:32 a.m. UTC
From: Darrick J. Wong <djwong@kernel.org>

Compare the fsid of a handle to m_fixedfsid so that we don't try to open
a handle from the wrong fs and get lucky if the ino/gen happen to match.

Signed-off-by: Darrick J. Wong <djwong@kernel.org>
---
 fs/xfs/xfs_handle.c |    4 ++++
 1 file changed, 4 insertions(+)

Comments

Christoph Hellwig April 16, 2024, 5:19 a.m. UTC | #1
On Mon, Apr 15, 2024 at 06:32:33PM -0700, Darrick J. Wong wrote:
> From: Darrick J. Wong <djwong@kernel.org>
> 
> Compare the fsid of a handle to m_fixedfsid so that we don't try to open
> a handle from the wrong fs and get lucky if the ino/gen happen to match.

I don't think this is a good idea.  It'll break so far perfectly valid uses
of the handle API when userspace handcrafted the handles or stored them
in a more compact format.

Darrick J. Wong April 16, 2024, 5:44 p.m. UTC | #2
On Mon, Apr 15, 2024 at 10:19:36PM -0700, Christoph Hellwig wrote:
> On Mon, Apr 15, 2024 at 06:32:33PM -0700, Darrick J. Wong wrote:
> > From: Darrick J. Wong <djwong@kernel.org>
> > 
> > Compare the fsid of a handle to m_fixedfsid so that we don't try to open
> > a handle from the wrong fs and get lucky if the ino/gen happen to match.
> 
> I don't think this is a good idea.  It'll break so far perfectly valid uses
> of the handle API when userspace handcrafted the handles or stored them
> in a more compact format.

Ah, ok.  It'll break userspace, and for the bad-fsid case you'll
probably get an error code unless you get lucky and guess the generation
correctly.  Will drop this patch.

--D

Patch

diff --git a/fs/xfs/xfs_handle.c b/fs/xfs/xfs_handle.c
index b9f4d9860682a..417e4a1f5e6cb 100644
--- a/fs/xfs/xfs_handle.c
+++ b/fs/xfs/xfs_handle.c
@@ -163,6 +163,7 @@  xfs_khandle_to_dentry(
 		.ino		= handle->ha_fid.fid_ino,
 		.gen		= handle->ha_fid.fid_gen,
 	};
+	struct xfs_mount	*mp = XFS_I(file_inode(file))->i_mount;
 
 	/*
 	 * Only allow handle opens under a directory.
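
Review bot: the new mp declaration after the .gen initializer spells out file_inode(file) a second time, since the S_ISDIR check just below already uses the same expression. A single struct inode pointer local, used for both ->i_mode and XFS_I(...)->i_mount, would keep the two uses tied to one lookup and make the declaration line shorter.
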
@@ -170,6 +171,9 @@  xfs_khandle_to_dentry(
 	if (!S_ISDIR(file_inode(file)->i_mode))
 		return ERR_PTR(-ENOTDIR);
 
+	if (memcmp(&handle->ha_fsid, mp->m_fixedfsid, sizeof(struct xfs_fsid)))
+		return ERR_PTR(-ESTALE);
+
 	if (handle->ha_fid.fid_len != xfs_filehandle_fid_len())
 		return ERR_PTR(-EINVAL);
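
Review bot: the new memcmp() check at the top of this hunk has no comment, and it changes the result for every handle whose ha_fsid does not byte-match mp->m_fixedfsid, including handles that were accepted before on ino/gen alone. Please add a comment stating why a mismatch is reported as -ESTALE, and say in the commit message which callers are expected to start failing. Two smaller points on the same lines: the check sits ahead of the fid_len test, so a handle that is wrong in both respects now gets -ESTALE instead of -EINVAL; and the length comes from sizeof(struct xfs_fsid) rather than from an operand, so sizeof(handle->ha_fsid) would tie the compared length to the field actually being read.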