Re: [PATCH] nfs: Fix security label length not being reset

From: J. Bruce Fields
Date: Tue Sep 15 2020 - 14:33:43 EST

Next message: Qian Cai: "Re: [RFC v7 11/19] lockdep: Fix recursive read lock related safe->unsafe detection"
Previous message: Borislav Petkov: "Re: [RFC][PATCH 0/4] Fix up ACPI processor idle vs RCU"
In reply to: Jeffrey Mitchell: "[PATCH] nfs: Fix security label length not being reset"
Next in thread: Jeffrey Mitchell: "[PATCH v2] nfs: Fix security label length not being reset"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Sep 14, 2020 at 10:49:57AM -0500, Jeffrey Mitchell wrote:
> nfs_readdir_page_filler() iterates over entries in a directory, reusing
> the same security label buffer, but does not reset the buffer's length.
> This causes decode_attr_security_label() to return -ERANGE if an entry's
> security label is longer than the previous one's. This error, in
> nfs4_decode_dirent(), only gets passed up as -EAGAIN, which causes another
> failed attempt to copy into the buffer. The second error is ignored and
> the remaining entries do not show up in ls, specifically the getdents64()
> syscall.
>
> Reproduce by creating multiple files in NFS and giving one of the later
> files a longer security label. ls will not see that file nor any that are
> added afterwards, though they will exist on the backend.

Please include these paragraphs in the changelog.

--b.

>
> - Jeffrey
>
> Jeffrey Mitchell (1):
> nfs: Fix security label length not being reset
>
> fs/nfs/dir.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> --
> 2.25.1

Next message: Qian Cai: "Re: [RFC v7 11/19] lockdep: Fix recursive read lock related safe->unsafe detection"
Previous message: Borislav Petkov: "Re: [RFC][PATCH 0/4] Fix up ACPI processor idle vs RCU"
In reply to: Jeffrey Mitchell: "[PATCH] nfs: Fix security label length not being reset"
Next in thread: Jeffrey Mitchell: "[PATCH v2] nfs: Fix security label length not being reset"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]