linux/fs/nfs
Jorge Mora bcac8bff90 NFSv4.2: fix listxattr maximum XDR buffer size
Switch order of operations to avoid creating a short XDR buffer:
e.g., buflen = 12, old xdrlen = 12, new xdrlen = 20.

Having a short XDR buffer leads to lxa_maxcount be a few bytes
less than what is needed to retrieve the whole list when using
a buflen as returned by a call with size = 0:
    buflen = listxattr(path, NULL, 0);
    buf = malloc(buflen);
    buflen = listxattr(path, buf, buflen);

For a file with one attribute (name = '123456'), the first call
with size = 0 will return buflen = 12 ('user.123456\x00').
The second call with size = 12, sends LISTXATTRS with
lxa_maxcount = 12 + 8 (cookie) + 4 (array count) = 24. The
XDR buffer needs 8 (cookie) + 4 (array count) + 4 (name count)
+ 6 (name len) + 2 (padding) + 4 (eof) = 28 which is 4 bytes
shorter than the lxa_maxcount provided in the call.

Fixes: 04a5da690e ("NFSv4.2: define limits and sizes for user xattr handling")
Signed-off-by: Jorge Mora <mora@netapp.com>
Reviewed-by: Benjamin Coddington <bcodding@redhat.com>
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
2024-02-28 16:18:18 -05:00
..
blocklayout rpc_pipefs: Replace one label in bl_resolve_deviceid() 2024-01-04 10:47:56 -05:00
filelayout nfs41: Annotate struct nfs4_file_layout_dsaddr with __counted_by 2023-10-02 09:48:53 -07:00
flexfilelayout hardening updates for v6.7-rc1 2023-10-30 19:09:55 -10:00
cache_lib.c
cache_lib.h
callback_proc.c NFSv4.1: if referring calls are complete, trust the stateid argument 2024-01-04 10:47:56 -05:00
callback_xdr.c NFSv4.1: Use the nfs_client's rpc timeouts for backchannel 2024-01-04 17:01:01 -05:00
callback.c SUNRPC: discard sv_refcnt, and svc_get/svc_put 2024-01-07 17:54:33 -05:00
callback.h NFS Client Updates for Linux 6.8 2024-01-10 16:13:57 -08:00
client.c nfs: fix UAF on pathwalk running into umount 2024-02-25 02:10:32 -05:00
delegation.c NFSv4: fairly test all delegations on a SEQ4_ revocation 2023-11-01 15:15:52 -04:00
delegation.h NFSv4: fairly test all delegations on a SEQ4_ revocation 2023-11-01 15:15:52 -04:00
dir.c nfs: make nfs_set_verifier() safe for use in RCU pathwalk 2024-02-25 02:10:31 -05:00
direct.c NFS: drop unused nfs_direct_req bytes_left 2024-01-04 10:47:56 -05:00
dns_resolve.c NFS: Move common includes outside ifdef 2023-08-24 13:24:15 -04:00
dns_resolve.h NFS: Avoid memcpy() run-time warning for struct sockaddr overflows 2022-10-27 15:52:10 -04:00
export.c nfsd: allow reaping files still under writeback 2023-04-26 09:04:59 -04:00
file.c NFS Client Updates for Linux 6.8 2024-01-10 16:13:57 -08:00
fs_context.c NFS: Add an "xprtsec=" NFS mount option 2023-06-19 12:30:17 -04:00
fscache.c netfs, fscache: Remove ->begin_cache_operation 2023-12-24 15:08:48 +00:00
fscache.h netfs: Optimise away reads above the point at which there can be no data 2023-12-28 09:45:27 +00:00
getroot.c
inode.c nfs: convert to new timestamp accessors 2023-10-18 14:08:23 +02:00
internal.h NFS: drop unused nfs_direct_req bytes_left 2024-01-04 10:47:56 -05:00
io.c
iostat.h NFS: Remove all NFSIOS_FSCACHE counters due to conversion to netfs API 2023-04-11 13:08:26 -04:00
Kconfig netfs, fscache: Combine fscache with netfs 2023-12-24 15:08:46 +00:00
Makefile
mount_clnt.c NFS: Avoid memcpy() run-time warning for struct sockaddr overflows 2022-10-27 15:52:10 -04:00
namespace.c fs: pass the request_mask to generic_fillattr 2023-08-09 08:56:36 +02:00
netns.h
nfs2super.c
nfs2xdr.c NFS: Guard against READDIR loop when entry names exceed MAXNAMELEN 2023-08-30 11:08:27 -04:00
nfs3_fs.h fs: drop unused posix acl handlers 2023-03-06 09:57:12 +01:00
nfs3acl.c Mainly singleton patches all over the place. Series of note are: 2023-04-27 19:57:00 -07:00
nfs3client.c NFS/pNFS: Set the connect timeout for the pNFS flexfiles driver 2023-08-24 13:24:15 -04:00
nfs3proc.c nfs: Convert nfs_symlink() to use a folio 2023-11-01 15:40:44 -04:00
nfs3super.c fs: drop unused posix acl handlers 2023-03-06 09:57:12 +01:00
nfs3xdr.c NFS: Guard against READDIR loop when entry names exceed MAXNAMELEN 2023-08-30 11:08:27 -04:00
nfs4_fs.h NFS client updates for Linux 6.7 2023-11-08 13:39:16 -08:00
nfs4client.c NFSv4.1: fix pnfs MDS=DS session trunking 2023-09-13 11:51:11 -04:00
nfs4file.c fs: use splice_copy_file_range() inline helper 2023-12-12 16:20:02 +01:00
nfs4getroot.c
nfs4idmap.c cred: Do not default to init_cred in prepare_kernel_cred() 2022-11-01 10:04:52 -07:00
nfs4idmap.h
nfs4namespace.c NFS: Avoid memcpy() run-time warning for struct sockaddr overflows 2022-10-27 15:52:10 -04:00
nfs4proc.c NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 2024-02-28 16:18:18 -05:00
nfs4renewd.c
nfs4session.c
nfs4session.h
nfs4state.c NFSv4: Fix a state manager thread deadlock regression 2023-09-27 15:16:40 -04:00
nfs4super.c
nfs4sysctl.c fs: Remove the now superfluous sentinel elements from ctl_table array 2023-12-28 04:57:57 -08:00
nfs4trace.c
nfs4trace.h nfs4trace: fix state manager flag printing 2023-02-14 15:43:57 -05:00
nfs4xdr.c NFSv4: Always ask for type with READDIR 2024-01-04 10:47:56 -05:00
nfs42.h NFSv4.2: fix listxattr maximum XDR buffer size 2024-02-28 16:18:18 -05:00
nfs42proc.c nfs42: client needs to strip file mode's suid/sgid bit after ALLOCATE op 2023-10-11 09:37:48 -04:00
nfs42xattr.c list_lru: allow explicit memcg and NUMA node selection 2023-12-12 10:57:01 -08:00
nfs42xdr.c NFSv4.2: Rework scratch handling for READ_PLUS (again) 2023-08-23 15:58:47 -04:00
nfs.h nfs: move nfs4_xattr_handlers to .rodata 2023-10-09 16:24:20 +02:00
nfsroot.c NFS: Prefer strscpy over strlcpy calls 2023-05-22 12:34:41 -07:00
nfstrace.c
nfstrace.h NFS: drop unused nfs_direct_req bytes_left 2024-01-04 10:47:56 -05:00
pagelist.c NFS: Convert buffered read paths to use netfs when fscache is enabled 2023-04-11 13:08:26 -04:00
pnfs_dev.c NFSv4/pnfs: minor fix for cleanup path in nfs4_get_device_info 2023-08-24 13:24:15 -04:00
pnfs_nfs.c pNFS: Fix assignment of xprtdata.cred 2023-08-30 14:31:31 -04:00
pnfs.c pNFS: Fix the pnfs block driver's calculation of layoutget size 2024-01-04 10:47:56 -05:00
pnfs.h NFSv4/pnfs: Allow layoutget to return EAGAIN for softerr mounts 2023-10-22 19:47:56 -04:00
proc.c nfs: Convert nfs_symlink() to use a folio 2023-11-01 15:40:44 -04:00
read.c NFSv4.2: Rework scratch handling for READ_PLUS (again) 2023-08-23 15:58:47 -04:00
super.c NFS: Display the "fsc=" mount option if it is set 2024-02-28 16:18:18 -05:00
symlink.c fs: Change the type of filler_t 2022-05-09 16:36:48 -04:00
sysctl.c fs: Remove the now superfluous sentinel elements from ctl_table array 2023-12-28 04:57:57 -08:00
sysfs.c NFS: Fix sysfs server name memory leak 2023-08-19 10:26:29 -04:00
sysfs.h NFS: Add sysfs links to sunrpc clients for nfs_clients 2023-06-19 15:04:13 -04:00
unlink.c nfs: rename the nfs_async_rename_done tracepoint 2024-01-04 10:47:56 -05:00
write.c NFS Client Updates for Linux 6.8 2024-01-10 16:13:57 -08:00