[PATCH 2/2] afs: Fix afs_listxattr() to not list afs ACL special xattrs

Marc Dionne marc.c.dionne at gmail.com
Thu Mar 11 18:59:06 GMT 2021 

On Thu, Mar 11, 2021 at 10:10 AM David Howells <dhowells at redhat.com> wrote:
>
> afs_listxattr() lists all the available special afs xattrs (i.e. those in
> the "afs.*" space), no matter what type of server we're dealing with.  But
> OpenAFS servers, for example, cannot deal with some of the extra-capable
> attributes that AuriStor (YFS) servers provide.  Unfortunately, the
> presence of the afs.yfs.* attributes causes errors[1] for anything that
> tries to read them if the server is of the wrong type.
>
> Fix afs_listxattr() so that it doesn't list any of the AFS ACL xattrs.  It
> does mean, however, that getfattr won't list them, though they can still be
> accessed with getxattr() and setxattr().
>
> This can be tested with something like:
>
>         getfattr -d -m ".*" /afs/example.com/path/to/file
>
> With this change, none of the afs.* ACL attributes should be visible.
>
> Fixes: ae46578b963f ("afs: Get YFS ACLs and information through xattrs")
> Reported-by: Gaja Sophie Peters <gaja.peters at math.uni-hamburg.de>
> Signed-off-by: David Howells <dhowells at redhat.com>
> Tested-by: Gaja Sophie Peters <gaja.peters at math.uni-hamburg.de>
> cc: linux-afs at lists.infradead.org
> Link: http://lists.infradead.org/pipermail/linux-afs/2021-March/003502.html [1]
> ---
>
>  fs/afs/xattr.c |    7 +------
>  1 file changed, 1 insertion(+), 6 deletions(-)
>
> diff --git a/fs/afs/xattr.c b/fs/afs/xattr.c
> index 4934e325a14a..81a6aec764cc 100644
> --- a/fs/afs/xattr.c
> +++ b/fs/afs/xattr.c
> @@ -12,14 +12,9 @@
>  #include "internal.h"
>
>  static const char afs_xattr_list[] =
> -       "afs.acl\0"
>         "afs.cell\0"
>         "afs.fid\0"
> -       "afs.volume\0"
> -       "afs.yfs.acl\0"
> -       "afs.yfs.acl_inherited\0"
> -       "afs.yfs.acl_num_cleaned\0"
> -       "afs.yfs.vol_acl";
> +       "afs.volume";
>
>  /*
>   * Retrieve a list of the supported xattrs.

As Jeffrey suggested, you may want to consider not exposing any of
them, but this seems fine to me.

Besides the reasons you mention, acls getting copied blindly is not a
good idea.  The source and target may be in different cells where
users and groups mean different things.  For files, it may switch them
from inheriting permissions from their parent to having their own ACL,
etc.

Reviewed-by: Marc Dionne <marc.dionne at auristor.com>

Marc

More information about the linux-afs mailing list