Received: by 2002:ab2:3141:0:b0:1ed:23cc:44d1 with SMTP id i1csp1879028lqg; Mon, 4 Mar 2024 06:39:39 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCXEajPefS/YtXMJKIcW7t9KqluekDopYnpDdGsrLIsC2iL6MdY+EoRPY25IDMsNh5bdhpFFiFIew7w4UEOoFZbqymkTgiZMEma7574FzQ== X-Google-Smtp-Source: AGHT+IFHwnDeJCwngiw96tOkDmObR9RK2OiJ4kp10q3nuUaq1bkFZWWkabT50t3aygwYEfb47CEw X-Received: by 2002:a17:907:20b9:b0:a43:6cd2:7a27 with SMTP id pw25-20020a17090720b900b00a436cd27a27mr5678362ejb.19.1709563178851; Mon, 04 Mar 2024 06:39:38 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1709563178; cv=pass; d=google.com; s=arc-20160816; b=r0i144m1uzCww5wx138VDTqnQyZfKoVJGciUNsuv55UGnmxo5kS0Lb2SLPialc1CNK mhjvTm5ODh74AKnyMAno705kRHQ+fXKHTZFXozvibl8+fETWx0AzpLjNmdE+6yspk4Rx vWeKH84aKcszxwasVgf1UAnBIMnB9V7Syhlhns8kK5LdqARoc8xFn8FUqLUunRCdKZmr 3ahL1CPy3Zug5jfNYy5ZrcVYgmiSIlVkn/rDn6yOvEoN7krUXc5EuH6H63z+v1lppGSW zbY7LOdB7feW6qIwKW4HobvLU313dFSxJ/ExCPVzfpGfBFnPk8NLG8JFRfmi6wwmCsOg gCWA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-disposition:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:message-id:subject:cc :to:from:date:dkim-signature; bh=mDY+oPUn7d2Fz/hG6+v5M9yXk4XjIRTmvcvXYh3ystg=; fh=JwnHOgoPLV3FzzG6MtCD7/eQPPP3DmKK9l6NDnSGi5c=; b=qwzT7QzxyXls4G/rWDbwJoZ6Pb0c2/8eKzdQ540w7g2DNoSd6gB7OSa9biD9xfS1Lx raaJV/61MeUMXeCR0kCOGofHn26x7eeJkuK/hK3OdXvkPHM5B9GQ98Gg3c+lXF17PoRF kMrEkMKdQtMrt7aW6iNl7HEJZ4nAzNQk++YiFHU4a+nii/qB6sln/NZdfsWEZ2vvUOxM yv4c8afwole9PWF7kKTVDrUCbqdif4/fKahZYcTrjxiK+loOK8LdYR7r4J2iz1FqAlxe omexn2TUrBHj/Fb7o7dXFa9qjPdCmX4xi7Ultf82zNOtjEXZzCjFzmL84DCh8UPk+ccP RMrg==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=Igjde9ZN; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-90739-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-90739-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [147.75.80.249]) by mx.google.com with ESMTPS id bn1-20020a170907268100b00a4567a9c9d9si568562ejc.1031.2024.03.04.06.39.38 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 04 Mar 2024 06:39:38 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-90739-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) client-ip=147.75.80.249; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=Igjde9ZN; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-90739-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-90739-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id 9DED21F26C84 for ; Mon, 4 Mar 2024 14:37:38 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 3A599482C9; Mon, 4 Mar 2024 14:35:49 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="Igjde9ZN" Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5D8FD481CD; Mon, 4 Mar 2024 14:35:48 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709562948; cv=none; b=PR2Fb4Fr6oBVuQR27bq215jfbMn5kP/WeuDMBj6zNnz954G4O4q39yUobZCFYVykLwxkAb6rcPmxpJQgpdozlKiZFTeoHx2j3jypiP6cavL+0BA+gaLIkqa6cIAEv2At0xmg0udfPt3r6a5VMBNKoD3DshPlJ4YlLBjlsxn8Myk= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709562948; c=relaxed/simple; bh=q9f7jSXfpd9bEo6UkCv1LEyThgtNtItIMZvG8v/XxyU=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=LAACIyKmar0v610IM6QYiTt1+06qutbr8paidy5IjorPXPl8EDxvrKuSFKHAkbmelOGNYzCvidd/qPQKV4Ui7466XhmkeFFSsAkBXeUJNVHkMC1zjWaIy/dmjAWmGIeNy9jY+FDbIhKQv2gSK8bAuJU6jalv6JXLNuiRGMZ/hNg= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=Igjde9ZN; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id AAAFAC433F1; Mon, 4 Mar 2024 14:35:47 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1709562947; bh=q9f7jSXfpd9bEo6UkCv1LEyThgtNtItIMZvG8v/XxyU=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=Igjde9ZNKPtjRk1+omIGDhEgrS4a4lSnvVm69VeaEefz65x/Er0tW7LU5p18gAUvp k4iYZNWyO9p3EfLjkO2FcTbto/ZlZPLbh1q5mkSo/z7ApTi2VlszMinw/0ADoter7x TnF6JSMwoNZFJLAkOvctELk+1a4f3c4QXiE/o+9FBLEqDq5twdMEMmLuFK5qaOKLVt ugf5Y/4vDBMgs+2plwRmO01C7QgqDUDPBv1p/K15nY+wEbHLVOfpGBpF0O5UnsWJGA 8c52lqpM4M2Tkfs2B/PZF8hGYrUSr5gPYuNaLKbLmB2KSiizNiQ2U67AA6oPDja+TP hm/OxdSV3Zztw== Date: Mon, 4 Mar 2024 08:35:46 -0600 From: Seth Forshee To: Christian Brauner Cc: Christian Schoenebeck , Eric Van Hensbergen , Latchesar Ionkov , Dominique Martinet , v9fs@lists.linux.dev, linux-kernel@vger.kernel.org, xingwei lee , sam sun Subject: Re: [PATCH] 9p: cap xattr max size to XATTR_SIZE_MAX Message-ID: References: <20240304-xattr_maxsize-v1-1-322357ec6bdf@codewreck.org> <4091309.WcpKHNDlqE@silver> <20240304-zeitschrift-tagung-6f2a28e781bc@brauner> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20240304-zeitschrift-tagung-6f2a28e781bc@brauner> On Mon, Mar 04, 2024 at 03:19:58PM +0100, Christian Brauner wrote: > On Mon, Mar 04, 2024 at 02:35:07PM +0100, Christian Schoenebeck wrote: > > On Monday, March 4, 2024 1:42:43 PM CET Dominique Martinet wrote: > > > We probably shouldn't ever get an xattr bigger than that, and the current check > > > of SSIZE_MAX is a bit too large. > > > > Maybe, OTOH e.g. ACLs (dynamic size) are implemented by storing them as xattrs > > on 9p server as well, and this change somewhat expects server to run Linux as > > well. So maybe s/XATTR_SIZE_MAX/KMALLOC_MAX_SIZE/ might be more appropriate, > > considering that this patch is about fixing a potential kmalloc() warning? > > > > Worth to mention in the commit log BTW what the issue was. > > > > /Christian > > So the error is somewhat specific to filesystem capabilities which also > live in the xattr apis but Seth is working to get rid of them in there. > > They currently use a special api vfs_getxattr_alloc() which is an > in-kernel api that does a racy query-size+allocate-buffer+retrieve-data > dance. Yes, the patches I've sent does use vfs_getxattr_alloc() for fscaps anymore. > That api is used for fscaps, security labels, and other xattrs. And that > api doesn't do any size checks which probably should also be fixed now > that I write this. > > @Seth? I agree. I don't see any reason that vfs_getxattr_alloc() shouldn't just bail out with an error if the size of the xattr is >= XATTR_SIZE_MAX.