All of lore.kernel.org
 help / color / mirror / Atom feed
From: Gabriel Krisman Bertazi <krisman@collabora.com>
To: jack@suse.com, amir73il@gmail.com
Cc: djwong@kernel.org, tytso@mit.edu, david@fromorbit.com,
	dhowells@redhat.com, khazhy@google.com,
	linux-fsdevel@vger.kernel.org, linux-ext4@vger.kernel.org,
	linux-api@vger.kernel.org,
	Gabriel Krisman Bertazi <krisman@collabora.com>,
	kernel@collabora.com
Subject: [PATCH v8 26/32] fanotify: WARN_ON against too large file handles
Date: Mon, 18 Oct 2021 21:00:09 -0300	[thread overview]
Message-ID: <20211019000015.1666608-27-krisman@collabora.com> (raw)
In-Reply-To: <20211019000015.1666608-1-krisman@collabora.com>

struct fanotify_error_event, at least, is preallocated and isn't able to
to handle arbitrarily large file handles.  Future-proof the code by
complaining loudly if a handle larger than MAX_HANDLE_SZ is ever found.

Signed-off-by: Gabriel Krisman Bertazi <krisman@collabora.com>
---
 fs/notify/fanotify/fanotify.c | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/fs/notify/fanotify/fanotify.c b/fs/notify/fanotify/fanotify.c
index cedcb1546804..45df610debbe 100644
--- a/fs/notify/fanotify/fanotify.c
+++ b/fs/notify/fanotify/fanotify.c
@@ -360,13 +360,23 @@ static u32 fanotify_group_event_mask(struct fsnotify_group *group,
 static int fanotify_encode_fh_len(struct inode *inode)
 {
 	int dwords = 0;
+	int fh_len;
 
 	if (!inode)
 		return 0;
 
 	exportfs_encode_inode_fh(inode, NULL, &dwords, NULL);
+	fh_len = dwords << 2;
 
-	return dwords << 2;
+	/*
+	 * struct fanotify_error_event might be preallocated and is
+	 * limited to MAX_HANDLE_SZ.  This should never happen, but
+	 * safeguard by forcing an invalid file handle.
+	 */
+	if (WARN_ON_ONCE(fh_len > MAX_HANDLE_SZ))
+		return 0;
+
+	return fh_len;
 }
 
 /*
-- 
2.33.0


  parent reply	other threads:[~2021-10-19  0:04 UTC|newest]

Thread overview: 66+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-10-18 23:59 [PATCH v8 00/32] file system-wide error monitoring Gabriel Krisman Bertazi
2021-10-18 23:59 ` [PATCH v8 01/32] fsnotify: pass data_type to fsnotify_name() Gabriel Krisman Bertazi
2021-10-18 23:59 ` [PATCH v8 02/32] fsnotify: pass dentry instead of inode data Gabriel Krisman Bertazi
2021-10-18 23:59 ` [PATCH v8 03/32] fsnotify: clarify contract for create event hooks Gabriel Krisman Bertazi
2021-10-18 23:59 ` [PATCH v8 04/32] fsnotify: Don't insert unmergeable events in hashtable Gabriel Krisman Bertazi
2021-10-18 23:59 ` [PATCH v8 05/32] fanotify: Fold event size calculation to its own function Gabriel Krisman Bertazi
2021-10-18 23:59 ` [PATCH v8 06/32] fanotify: Split fsid check from other fid mode checks Gabriel Krisman Bertazi
2021-10-18 23:59 ` [PATCH v8 07/32] inotify: Don't force FS_IN_IGNORED Gabriel Krisman Bertazi
2021-10-18 23:59 ` [PATCH v8 08/32] fsnotify: Add helper to detect overflow_event Gabriel Krisman Bertazi
2021-10-18 23:59 ` [PATCH v8 09/32] fsnotify: Add wrapper around fsnotify_add_event Gabriel Krisman Bertazi
2021-10-18 23:59 ` [PATCH v8 10/32] fsnotify: Retrieve super block from the data field Gabriel Krisman Bertazi
2021-10-18 23:59 ` [PATCH v8 11/32] fsnotify: Protect fsnotify_handle_inode_event from no-inode events Gabriel Krisman Bertazi
2021-10-19  5:34   ` Amir Goldstein
2021-10-19 10:01     ` Jan Kara
2021-10-18 23:59 ` [PATCH v8 12/32] fsnotify: Pass group argument to free_event Gabriel Krisman Bertazi
2021-10-18 23:59 ` [PATCH v8 13/32] fanotify: Support null inode event in fanotify_dfid_inode Gabriel Krisman Bertazi
2021-10-18 23:59 ` [PATCH v8 14/32] fanotify: Allow file handle encoding for unhashed events Gabriel Krisman Bertazi
2021-10-18 23:59 ` [PATCH v8 15/32] fanotify: Encode empty file handle when no inode is provided Gabriel Krisman Bertazi
2021-10-18 23:59 ` [PATCH v8 16/32] fanotify: Require fid_mode for any non-fd event Gabriel Krisman Bertazi
2021-10-19  0:00 ` [PATCH v8 17/32] fsnotify: Support FS_ERROR event type Gabriel Krisman Bertazi
2021-10-19  0:00 ` [PATCH v8 18/32] fanotify: Reserve UAPI bits for FAN_FS_ERROR Gabriel Krisman Bertazi
2021-10-19  0:00 ` [PATCH v8 19/32] fanotify: Pre-allocate pool of error events Gabriel Krisman Bertazi
2021-10-19  5:38   ` Amir Goldstein
2021-10-19 11:52     ` Jan Kara
2021-10-19  0:00 ` [PATCH v8 20/32] fanotify: Dynamically resize the FAN_FS_ERROR pool Gabriel Krisman Bertazi
2021-10-19  5:50   ` Amir Goldstein
2021-10-19 12:03     ` Jan Kara
2021-10-21 18:17       ` Gabriel Krisman Bertazi
2021-10-21 19:29         ` Jan Kara
2021-10-19  0:00 ` [PATCH v8 21/32] fanotify: Support enqueueing of error events Gabriel Krisman Bertazi
2021-10-19  5:52   ` Amir Goldstein
2021-10-19  0:00 ` [PATCH v8 22/32] fanotify: Support merging " Gabriel Krisman Bertazi
2021-10-19  5:56   ` Amir Goldstein
2021-10-19 13:52   ` Jan Kara
2021-10-19  0:00 ` [PATCH v8 23/32] fanotify: Wrap object_fh inline space in a creator macro Gabriel Krisman Bertazi
2021-10-19  6:09   ` Amir Goldstein
2021-10-19 13:58   ` Jan Kara
2021-10-19  0:00 ` [PATCH v8 24/32] fanotify: Add helpers to decide whether to report FID/DFID Gabriel Krisman Bertazi
2021-10-19  6:12   ` Amir Goldstein
2021-10-19 14:03   ` Jan Kara
2021-10-19  0:00 ` [PATCH v8 25/32] fanotify: Report fid entry even for zero-length file_handle Gabriel Krisman Bertazi
2021-10-19  6:13   ` Amir Goldstein
2021-10-19 14:08   ` Jan Kara
2021-10-19  0:00 ` Gabriel Krisman Bertazi [this message]
2021-10-19  6:02   ` [PATCH v8 26/32] fanotify: WARN_ON against too large file handles Amir Goldstein
2021-10-19 14:06   ` Jan Kara
2021-10-19  0:00 ` [PATCH v8 27/32] fanotify: Report fid info for file related file system errors Gabriel Krisman Bertazi
2021-10-19  6:07   ` Amir Goldstein
2021-10-19 14:41   ` Jan Kara
2021-10-19  0:00 ` [PATCH v8 28/32] fanotify: Emit generic error info for error event Gabriel Krisman Bertazi
2021-10-19  0:00 ` [PATCH v8 29/32] fanotify: Allow users to request FAN_FS_ERROR events Gabriel Krisman Bertazi
2021-10-19  5:57   ` Amir Goldstein
2021-10-19 15:24   ` Jan Kara
2021-10-19  0:00 ` [PATCH v8 30/32] ext4: Send notifications on error Gabriel Krisman Bertazi
2021-10-19 15:44   ` Jan Kara
2021-10-19 16:01     ` Jan Kara
2021-10-19 16:54       ` Gabriel Krisman Bertazi
2021-10-20  3:11         ` Theodore Ts'o
2021-10-19  0:00 ` [PATCH v8 31/32] samples: Add fs error monitoring example Gabriel Krisman Bertazi
2021-10-19 15:49   ` Jan Kara
2021-10-28 15:18   ` Guenter Roeck
2021-10-28 18:56     ` Gabriel Krisman Bertazi
2021-10-28 19:56       ` Guenter Roeck
2021-11-01 11:42       ` Jan Kara
2021-10-19  0:00 ` [PATCH v8 32/32] docs: Document the FAN_FS_ERROR event Gabriel Krisman Bertazi
2021-10-19 16:47   ` Jan Kara

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20211019000015.1666608-27-krisman@collabora.com \
    --to=krisman@collabora.com \
    --cc=amir73il@gmail.com \
    --cc=david@fromorbit.com \
    --cc=dhowells@redhat.com \
    --cc=djwong@kernel.org \
    --cc=jack@suse.com \
    --cc=kernel@collabora.com \
    --cc=khazhy@google.com \
    --cc=linux-api@vger.kernel.org \
    --cc=linux-ext4@vger.kernel.org \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=tytso@mit.edu \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.