Re: [PATCH] fuse: reject fuse_notify() pagecache ops on directories
From: Jann Horn
Date: Tue May 19 2026 - 10:20:49 EST

On Tue, May 19, 2026 at 4:07 PM Miklos Szeredi <miklos@xxxxxxxxxx> wrote:
> On Tue, 19 May 2026 at 16:00, Jann Horn <jannh@xxxxxxxxxx> wrote:
> > The operations FUSE_NOTIFY_STORE and FUSE_NOTIFY_RETRIEVE allow the
> > FUSE daemon to actively write/read pagecache contents.
> >
> > For directories with FOPEN_CACHE_DIR, the pagecache is used as
> > kernel-internal cache storage, and userspace is not supposed to have
> > direct access to this cache - in particular, fuse_parse_cache() will hit
> > WARN_ON() if the cache contains bogus data.
> >
> > Reject FUSE_NOTIFY_STORE and FUSE_NOTIFY_RETRIEVE on directories with
> > -EINVAL.
>
> Good catch.
>
> Shouldn't this reject !S_ISREG()? Symlinks also use the page cache
> and could break if overwritten by arbitrary data.

Should it be `!(S_ISREG() || S_ISBLK())` ?
I think block devices are supposed to act roughly like regular files
in terms of pagecache, but IDK how that works in the context of FUSE.
Let me know which way you prefer and I'll send a v2.