[PATCH v11 44/48] nfs: Fix GETATTR bitmap verification

[PATCH v11 00/48] Richacls · Andreas Gruenbacher <agruenba@redhat.com> · 2015-10-16
[PATCH v11 01/48] vfs: Add IS_ACL() and IS_RICHACL() tests · Andreas Gruenbacher <agruenba@redhat.com> · 2015-10-16
[PATCH v11 02/48] vfs: Add MAY_CREATE_FILE and MAY_CREATE_DIR permission flags · Andreas Gruenbacher <agruenba@redhat.com> · 2015-10-16
[PATCH v11 03/48] vfs: Add MAY_DELETE_SELF and MAY_DELETE_CHILD permission flags · Andreas Gruenbacher <agruenba@redhat.com> · 2015-10-16
[PATCH v11 04/48] vfs: Make the inode passed to inode_change_ok non-const · Andreas Gruenbacher <agruenba@redhat.com> · 2015-10-16
[PATCH v11 05/48] vfs: Add permission flags for setting file attributes · Andreas Gruenbacher <agruenba@redhat.com> · 2015-10-16
[PATCH v11 06/48] richacl: In-memory representation and helper functions · Andreas Gruenbacher <agruenba@redhat.com> · 2015-10-16
[PATCH v11 07/48] richacl: Permission mapping functions · Andreas Gruenbacher <agruenba@redhat.com> · 2015-10-16
[PATCH v11 08/48] richacl: Compute maximum file masks from an acl · Andreas Gruenbacher <agruenba@redhat.com> · 2015-10-16
[PATCH v11 09/48] richacl: Permission check algorithm · Andreas Gruenbacher <agruenba@redhat.com> · 2015-10-16
[PATCH v11 10/48] vfs: Cache base_acl objects in inodes · Andreas Gruenbacher <agruenba@redhat.com> · 2015-10-16
[PATCH v11 11/48] vfs: Add get_richacl and set_richacl inode operations · Andreas Gruenbacher <agruenba@redhat.com> · 2015-10-16
[PATCH v11 12/48] vfs: Cache richacl in struct inode · Andreas Gruenbacher <agruenba@redhat.com> · 2015-10-16
[PATCH v11 14/48] richacl: Check if an acl is equivalent to a file mode · Andreas Gruenbacher <agruenba@redhat.com> · 2015-10-16
[PATCH v11 15/48] richacl: Create-time inheritance · Andreas Gruenbacher <agruenba@redhat.com> · 2015-10-16
[PATCH v11 16/48] richacl: Automatic Inheritance · Andreas Gruenbacher <agruenba@redhat.com> · 2015-10-16
Re: [PATCH v11 16/48] richacl: Automatic Inheritance · Andy Lutomirski <luto@amacapital.net> · 2015-10-16
[PATCH v11 17/48] richacl: xattr mapping functions · Andreas Gruenbacher <agruenba@redhat.com> · 2015-10-16
[PATCH v11 19/48] vfs: Add richacl permission checking · Andreas Gruenbacher <agruenba@redhat.com> · 2015-10-16
[PATCH v11 20/48] ext4: Add richacl support · Andreas Gruenbacher <agruenba@redhat.com> · 2015-10-16
[PATCH v11 22/48] xfs: Fix error path in xfs_get_acl · Andreas Gruenbacher <agruenba@redhat.com> · 2015-10-16
[PATCH v11 23/48] xfs: Make xfs_set_mode non-static · Andreas Gruenbacher <agruenba@redhat.com> · 2015-10-16
[PATCH v11 24/48] xfs: Add richacl support · Andreas Gruenbacher <agruenba@redhat.com> · 2015-10-16
[PATCH v11 25/48] richacl: acl editing helper functions · Andreas Gruenbacher <agruenba@redhat.com> · 2015-10-16
[PATCH v11 26/48] richacl: Move everyone@ aces down the acl · Andreas Gruenbacher <agruenba@redhat.com> · 2015-10-16
[PATCH v11 28/48] richacl: Set the owner permissions to the owner mask · Andreas Gruenbacher <agruenba@redhat.com> · 2015-10-16
[PATCH v11 29/48] richacl: Set the other permissions to the other mask · Andreas Gruenbacher <agruenba@redhat.com> · 2015-10-16
[PATCH v11 30/48] richacl: Isolate the owner and group classes · Andreas Gruenbacher <agruenba@redhat.com> · 2015-10-16
[PATCH v11 31/48] richacl: Apply the file masks to a richacl · Andreas Gruenbacher <agruenba@redhat.com> · 2015-10-16
[PATCH v11 32/48] richacl: Create richacl from mode values · Andreas Gruenbacher <agruenba@redhat.com> · 2015-10-16
[PATCH v11 34/48] nfsd: Use richacls as internal acl representation · Andreas Gruenbacher <agruenba@redhat.com> · 2015-10-16
[PATCH v11 36/48] nfsd: Add support for the v4.1 dacl attribute · Andreas Gruenbacher <agruenba@redhat.com> · 2015-10-16
[PATCH v11 37/48] nfsd: Add support for the MAY_CREATE_{FILE,DIR} permissions · Andreas Gruenbacher <agruenba@redhat.com> · 2015-10-16
[PATCH v11 38/48] richacl: Add support for unmapped identifiers · Andreas Gruenbacher <agruenba@redhat.com> · 2015-10-16
[PATCH v11 39/48] nfsd: Add support for unmapped richace identifiers · Andreas Gruenbacher <agruenba@redhat.com> · 2015-10-16
[PATCH v11 40/48] ext4: Don't allow unmapped identifiers in richacls · Andreas Gruenbacher <agruenba@redhat.com> · 2015-10-16
[PATCH v11 41/48] xfs: Don't allow unmapped identifiers in richacls · Andreas Gruenbacher <agruenba@redhat.com> · 2015-10-16
[PATCH v11 42/48] sunrpc: Allow to demand-allocate pages to encode into · Andreas Gruenbacher <agruenba@redhat.com> · 2015-10-16
[PATCH v11 43/48] sunrpc: Add xdr_init_encode_pages · Andreas Gruenbacher <agruenba@redhat.com> · 2015-10-16
[PATCH v11 44/48] nfs: Fix GETATTR bitmap verification · Andreas Gruenbacher <agruenba@redhat.com> · 2015-10-16
[PATCH v11 45/48] nfs: Remove unused xdr page offsets in getacl/setacl arguments · Andreas Gruenbacher <agruenba@redhat.com> · 2015-10-16
[PATCH v11 46/48] nfs: Distinguish missing users and groups from nobody · Andreas Gruenbacher <agruenba@redhat.com> · 2015-10-16
[PATCH v11 47/48] nfs: Add richacl support · Andreas Gruenbacher <agruenba@redhat.com> · 2015-10-16

STALE3884d

Revisions (3)

2015-10-16 v11 current
2015-10-23 v12 [diff vs current]
2015-11-03 v13 [diff vs current]

From: Andreas Gruenbacher <agruenba@redhat.com>
Date: 2015-10-16 15:18:22
Also in: linux-api, linux-cifs, linux-fsdevel, linux-nfs, linux-xfs, lkml
Subsystem: filesystems (vfs and infrastructure), nfs, sunrpc, and lockd clients, the rest · Maintainers: Alexander Viro, Christian Brauner, Trond Myklebust, Anna Schumaker, Linus Torvalds

When decoding GETATTR replies, the client checks the attribute bitmap
for which attributes the server has sent.  It misses bits at the word
boundaries, though; fix that.

Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
---
 fs/nfs/nfs4xdr.c | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

diff --git a/fs/nfs/nfs4xdr.c b/fs/nfs/nfs4xdr.c
index 788adf3..6f6d921 100644
--- a/fs/nfs/nfs4xdr.c
+++ b/fs/nfs/nfs4xdr.c

@@ -4375,6 +4375,11 @@ static int decode_statfs(struct xdr_stream *xdr, struct nfs_fsstat *fsstat)
 		goto xdr_error;
 	if ((status = decode_attr_files_total(xdr, bitmap, &fsstat->tfiles)) != 0)
 		goto xdr_error;
+
+	status = -EIO;
+	if (unlikely(bitmap[0]))
+		goto xdr_error;
+
 	if ((status = decode_attr_space_avail(xdr, bitmap, &fsstat->abytes)) != 0)
 		goto xdr_error;
 	if ((status = decode_attr_space_free(xdr, bitmap, &fsstat->fbytes)) != 0)

@@ -4574,6 +4579,10 @@ static int decode_getfattr_attrs(struct xdr_stream *xdr, uint32_t *bitmap,
 		goto xdr_error;
 	fattr->valid |= status;
 
+	status = -EIO;
+	if (unlikely(bitmap[0]))
+		goto xdr_error;
+
 	status = decode_attr_mode(xdr, bitmap, &fmode);
 	if (status < 0)
 		goto xdr_error;

@@ -4627,6 +4636,10 @@ static int decode_getfattr_attrs(struct xdr_stream *xdr, uint32_t *bitmap,
 		goto xdr_error;
 	fattr->valid |= status;
 
+	status = -EIO;
+	if (unlikely(bitmap[1]))
+		goto xdr_error;
+
 	status = decode_attr_mdsthreshold(xdr, bitmap, fattr->mdsthreshold);
 	if (status < 0)
 		goto xdr_error;

@@ -4789,12 +4802,22 @@ static int decode_fsinfo(struct xdr_stream *xdr, struct nfs_fsinfo *fsinfo)
 	if ((status = decode_attr_maxwrite(xdr, bitmap, &fsinfo->wtmax)) != 0)
 		goto xdr_error;
 	fsinfo->wtpref = fsinfo->wtmax;
+
+	status = -EIO;
+	if (unlikely(bitmap[0]))
+		goto xdr_error;
+
 	status = decode_attr_time_delta(xdr, bitmap, &fsinfo->time_delta);
 	if (status != 0)
 		goto xdr_error;
 	status = decode_attr_pnfstype(xdr, bitmap, &fsinfo->layouttype);
 	if (status != 0)
 		goto xdr_error;
+
+	status = -EIO;
+	if (unlikely(bitmap[1]))
+		goto xdr_error;
+
 	status = decode_attr_layout_blksize(xdr, bitmap, &fsinfo->blksize);
 	if (status)
 		goto xdr_error;

-- 
2.5.0

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help