[PATCH v8 26/32] fanotify: WARN_ON against too large file handles

[PATCH v8 00/32] file system-wide error monitoring · Gabriel Krisman Bertazi <hidden> · 2021-10-19
[PATCH v8 01/32] fsnotify: pass data_type to fsnotify_name() · Gabriel Krisman Bertazi <hidden> · 2021-10-19
[PATCH v8 02/32] fsnotify: pass dentry instead of inode data · Gabriel Krisman Bertazi <hidden> · 2021-10-19
[PATCH v8 03/32] fsnotify: clarify contract for create event hooks · Gabriel Krisman Bertazi <hidden> · 2021-10-19
[PATCH v8 04/32] fsnotify: Don't insert unmergeable events in hashtable · Gabriel Krisman Bertazi <hidden> · 2021-10-19
[PATCH v8 05/32] fanotify: Fold event size calculation to its own function · Gabriel Krisman Bertazi <hidden> · 2021-10-19
[PATCH v8 06/32] fanotify: Split fsid check from other fid mode checks · Gabriel Krisman Bertazi <hidden> · 2021-10-19
[PATCH v8 07/32] inotify: Don't force FS_IN_IGNORED · Gabriel Krisman Bertazi <hidden> · 2021-10-19
[PATCH v8 08/32] fsnotify: Add helper to detect overflow_event · Gabriel Krisman Bertazi <hidden> · 2021-10-19
[PATCH v8 09/32] fsnotify: Add wrapper around fsnotify_add_event · Gabriel Krisman Bertazi <hidden> · 2021-10-19
[PATCH v8 10/32] fsnotify: Retrieve super block from the data field · Gabriel Krisman Bertazi <hidden> · 2021-10-19
[PATCH v8 11/32] fsnotify: Protect fsnotify_handle_inode_event from no-inode events · Gabriel Krisman Bertazi <hidden> · 2021-10-19
Re: [PATCH v8 11/32] fsnotify: Protect fsnotify_handle_inode_event from no-inode events · Amir Goldstein <amir73il@gmail.com> · 2021-10-19
Re: [PATCH v8 11/32] fsnotify: Protect fsnotify_handle_inode_event from no-inode events · Jan Kara <jack@suse.cz> · 2021-10-19
[PATCH v8 12/32] fsnotify: Pass group argument to free_event · Gabriel Krisman Bertazi <hidden> · 2021-10-19
[PATCH v8 13/32] fanotify: Support null inode event in fanotify_dfid_inode · Gabriel Krisman Bertazi <hidden> · 2021-10-19
[PATCH v8 14/32] fanotify: Allow file handle encoding for unhashed events · Gabriel Krisman Bertazi <hidden> · 2021-10-19
[PATCH v8 15/32] fanotify: Encode empty file handle when no inode is provided · Gabriel Krisman Bertazi <hidden> · 2021-10-19
[PATCH v8 16/32] fanotify: Require fid_mode for any non-fd event · Gabriel Krisman Bertazi <hidden> · 2021-10-19
[PATCH v8 17/32] fsnotify: Support FS_ERROR event type · Gabriel Krisman Bertazi <hidden> · 2021-10-19
[PATCH v8 18/32] fanotify: Reserve UAPI bits for FAN_FS_ERROR · Gabriel Krisman Bertazi <hidden> · 2021-10-19
[PATCH v8 19/32] fanotify: Pre-allocate pool of error events · Gabriel Krisman Bertazi <hidden> · 2021-10-19
Re: [PATCH v8 19/32] fanotify: Pre-allocate pool of error events · Amir Goldstein <amir73il@gmail.com> · 2021-10-19
Re: [PATCH v8 19/32] fanotify: Pre-allocate pool of error events · Jan Kara <jack@suse.cz> · 2021-10-19
[PATCH v8 20/32] fanotify: Dynamically resize the FAN_FS_ERROR pool · Gabriel Krisman Bertazi <hidden> · 2021-10-19
Re: [PATCH v8 20/32] fanotify: Dynamically resize the FAN_FS_ERROR pool · Amir Goldstein <amir73il@gmail.com> · 2021-10-19
Re: [PATCH v8 20/32] fanotify: Dynamically resize the FAN_FS_ERROR pool · Jan Kara <jack@suse.cz> · 2021-10-19
[PATCH v8 21/32] fanotify: Support enqueueing of error events · Gabriel Krisman Bertazi <hidden> · 2021-10-19
Re: [PATCH v8 21/32] fanotify: Support enqueueing of error events · Amir Goldstein <amir73il@gmail.com> · 2021-10-19
[PATCH v8 22/32] fanotify: Support merging of error events · Gabriel Krisman Bertazi <hidden> · 2021-10-19
Re: [PATCH v8 22/32] fanotify: Support merging of error events · Amir Goldstein <amir73il@gmail.com> · 2021-10-19
Re: [PATCH v8 22/32] fanotify: Support merging of error events · Jan Kara <jack@suse.cz> · 2021-10-19
[PATCH v8 23/32] fanotify: Wrap object_fh inline space in a creator macro · Gabriel Krisman Bertazi <hidden> · 2021-10-19
Re: [PATCH v8 23/32] fanotify: Wrap object_fh inline space in a creator macro · Amir Goldstein <amir73il@gmail.com> · 2021-10-19
Re: [PATCH v8 23/32] fanotify: Wrap object_fh inline space in a creator macro · Jan Kara <jack@suse.cz> · 2021-10-19
[PATCH v8 24/32] fanotify: Add helpers to decide whether to report FID/DFID · Gabriel Krisman Bertazi <hidden> · 2021-10-19
Re: [PATCH v8 24/32] fanotify: Add helpers to decide whether to report FID/DFID · Amir Goldstein <amir73il@gmail.com> · 2021-10-19
Re: [PATCH v8 24/32] fanotify: Add helpers to decide whether to report FID/DFID · Jan Kara <jack@suse.cz> · 2021-10-19
[PATCH v8 25/32] fanotify: Report fid entry even for zero-length file_handle · Gabriel Krisman Bertazi <hidden> · 2021-10-19
Re: [PATCH v8 25/32] fanotify: Report fid entry even for zero-length file_handle · Amir Goldstein <amir73il@gmail.com> · 2021-10-19
Re: [PATCH v8 25/32] fanotify: Report fid entry even for zero-length file_handle · Jan Kara <jack@suse.cz> · 2021-10-19
[PATCH v8 26/32] fanotify: WARN_ON against too large file handles · Gabriel Krisman Bertazi <hidden> · 2021-10-19
Re: [PATCH v8 26/32] fanotify: WARN_ON against too large file handles · Amir Goldstein <amir73il@gmail.com> · 2021-10-19
Re: [PATCH v8 26/32] fanotify: WARN_ON against too large file handles · Jan Kara <jack@suse.cz> · 2021-10-19
[PATCH v8 27/32] fanotify: Report fid info for file related file system errors · Gabriel Krisman Bertazi <hidden> · 2021-10-19
Re: [PATCH v8 27/32] fanotify: Report fid info for file related file system errors · Amir Goldstein <amir73il@gmail.com> · 2021-10-19
Re: [PATCH v8 27/32] fanotify: Report fid info for file related file system errors · Jan Kara <jack@suse.cz> · 2021-10-19
[PATCH v8 28/32] fanotify: Emit generic error info for error event · Gabriel Krisman Bertazi <hidden> · 2021-10-19
[PATCH v8 29/32] fanotify: Allow users to request FAN_FS_ERROR events · Gabriel Krisman Bertazi <hidden> · 2021-10-19
Re: [PATCH v8 29/32] fanotify: Allow users to request FAN_FS_ERROR events · Amir Goldstein <amir73il@gmail.com> · 2021-10-19
Re: [PATCH v8 29/32] fanotify: Allow users to request FAN_FS_ERROR events · Jan Kara <jack@suse.cz> · 2021-10-19
[PATCH v8 30/32] ext4: Send notifications on error · Gabriel Krisman Bertazi <hidden> · 2021-10-19
Re: [PATCH v8 30/32] ext4: Send notifications on error · Jan Kara <jack@suse.cz> · 2021-10-19
Re: [PATCH v8 30/32] ext4: Send notifications on error · Jan Kara <jack@suse.cz> · 2021-10-19
[PATCH v8 31/32] samples: Add fs error monitoring example · Gabriel Krisman Bertazi <hidden> · 2021-10-19
Re: [PATCH v8 31/32] samples: Add fs error monitoring example · Jan Kara <jack@suse.cz> · 2021-10-19
Re: [PATCH v8 31/32] samples: Add fs error monitoring example · Guenter Roeck <linux@roeck-us.net> · 2021-10-28
[PATCH v8 32/32] docs: Document the FAN_FS_ERROR event · Gabriel Krisman Bertazi <hidden> · 2021-10-19
Re: [PATCH v8 32/32] docs: Document the FAN_FS_ERROR event · Jan Kara <jack@suse.cz> · 2021-10-19

STALE1682d

Revisions (3)

2021-10-14 v7 [diff vs current]
2021-10-19 v8 current
2021-10-25 v9 [diff vs current]

From: Gabriel Krisman Bertazi <hidden>
Date: 2021-10-19 00:04:01
Also in: linux-api, linux-fsdevel
Subsystem: fanotify, filesystems (vfs and infrastructure), fsnotify: filesystem notification infrastructure, the rest · Maintainers: Jan Kara, Alexander Viro, Christian Brauner, Linus Torvalds

struct fanotify_error_event, at least, is preallocated and isn't able to
to handle arbitrarily large file handles.  Future-proof the code by
complaining loudly if a handle larger than MAX_HANDLE_SZ is ever found.

Signed-off-by: Gabriel Krisman Bertazi <redacted>
---
 fs/notify/fanotify/fanotify.c | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/fs/notify/fanotify/fanotify.c b/fs/notify/fanotify/fanotify.c
index cedcb1546804..45df610debbe 100644
--- a/fs/notify/fanotify/fanotify.c
+++ b/fs/notify/fanotify/fanotify.c

@@ -360,13 +360,23 @@ static u32 fanotify_group_event_mask(struct fsnotify_group *group,
 static int fanotify_encode_fh_len(struct inode *inode)
 {
 	int dwords = 0;
+	int fh_len;
 
 	if (!inode)
 		return 0;
 
 	exportfs_encode_inode_fh(inode, NULL, &dwords, NULL);
+	fh_len = dwords << 2;
 
-	return dwords << 2;
+	/*
+	 * struct fanotify_error_event might be preallocated and is
+	 * limited to MAX_HANDLE_SZ.  This should never happen, but
+	 * safeguard by forcing an invalid file handle.
+	 */
+	if (WARN_ON_ONCE(fh_len > MAX_HANDLE_SZ))
+		return 0;
+
+	return fh_len;
 }
 
 /*

-- 
2.33.0

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help