diff mbox series

[v2] cifs: sanitize paths in cifs_update_super_prepath.

Message ID 20230405131647.6389-1-tbecker@redhat.com
State New
Headers show
Series [v2] cifs: sanitize paths in cifs_update_super_prepath. | expand

Commit Message

Thiago Becker April 5, 2023, 1:16 p.m. UTC
After a server reboot, clients are failing to move files with ENOENT.
This is caused by DFS referrals containing multiple separators, which
the server move call doesn't recognize.

v1: Initial patch.
v2: Move prototype to header.

BugLink: https://bugzilla.redhat.com/show_bug.cgi?id=2182472
Fixes: a31080899d5f ("cifs: sanitize multiple delimiters in prepath")
Actually-Fixes: 24e0a1eff9e2 ("cifs: switch to new mount api")
Signed-off-by: Thiago Rafael Becker <tbecker@redhat.com>
---
 fs/cifs/fs_context.c | 13 +++++++------
 fs/cifs/fs_context.h |  3 +++
 fs/cifs/misc.c       |  2 +-
 3 files changed, 11 insertions(+), 7 deletions(-)

Comments

Steve French April 5, 2023, 5:36 p.m. UTC | #1
Added to cifs-2.6.git for-next and updated the tag which says:

"Buglink:" to "Link:"  (see this email thread for context
https://lore.kernel.org/all/3b036087d80b8c0e07a46a1dbaaf4ad0d018f8d5.1674217480.git.linux@leemhuis.info/)

On Wed, Apr 5, 2023 at 8:28 AM Thiago Becker <tbecker@redhat.com> wrote:
>
> After a server reboot, clients are failing to move files with ENOENT.
> This is caused by DFS referrals containing multiple separators, which
> the server move call doesn't recognize.
>
> v1: Initial patch.
> v2: Move prototype to header.
>
> BugLink: https://bugzilla.redhat.com/show_bug.cgi?id=2182472
> Fixes: a31080899d5f ("cifs: sanitize multiple delimiters in prepath")
> Actually-Fixes: 24e0a1eff9e2 ("cifs: switch to new mount api")
> Signed-off-by: Thiago Rafael Becker <tbecker@redhat.com>
> ---
>  fs/cifs/fs_context.c | 13 +++++++------
>  fs/cifs/fs_context.h |  3 +++
>  fs/cifs/misc.c       |  2 +-
>  3 files changed, 11 insertions(+), 7 deletions(-)
>
> diff --git a/fs/cifs/fs_context.c b/fs/cifs/fs_context.c
> index 6d13f8207e96a..ace11a1a7c8ab 100644
> --- a/fs/cifs/fs_context.c
> +++ b/fs/cifs/fs_context.c
> @@ -441,13 +441,14 @@ int smb3_parse_opt(const char *options, const char *key, char **val)
>   * but there are some bugs that prevent rename from working if there are
>   * multiple delimiters.
>   *
> - * Returns a sanitized duplicate of @path. The caller is responsible for
> - * cleaning up the original.
> + * Returns a sanitized duplicate of @path. @gfp indicates the GFP_* flags
> + * for kstrdup.
> + * The caller is responsible for freeing the original.
>   */
>  #define IS_DELIM(c) ((c) == '/' || (c) == '\\')
> -static char *sanitize_path(char *path)
> +char *cifs_sanitize_prepath(char *prepath, gfp_t gfp)
>  {
> -       char *cursor1 = path, *cursor2 = path;
> +       char *cursor1 = prepath, *cursor2 = prepath;
>
>         /* skip all prepended delimiters */
>         while (IS_DELIM(*cursor1))
> @@ -469,7 +470,7 @@ static char *sanitize_path(char *path)
>                 cursor2--;
>
>         *(cursor2) = '\0';
> -       return kstrdup(path, GFP_KERNEL);
> +       return kstrdup(prepath, gfp);
>  }
>
>  /*
> @@ -531,7 +532,7 @@ smb3_parse_devname(const char *devname, struct smb3_fs_context *ctx)
>         if (!*pos)
>                 return 0;
>
> -       ctx->prepath = sanitize_path(pos);
> +       ctx->prepath = cifs_sanitize_prepath(pos, GFP_KERNEL);
>         if (!ctx->prepath)
>                 return -ENOMEM;
>
> diff --git a/fs/cifs/fs_context.h b/fs/cifs/fs_context.h
> index 3de00e7127ec4..f4eaf85589022 100644
> --- a/fs/cifs/fs_context.h
> +++ b/fs/cifs/fs_context.h
> @@ -287,4 +287,7 @@ extern void smb3_update_mnt_flags(struct cifs_sb_info *cifs_sb);
>   */
>  #define SMB3_MAX_DCLOSETIMEO (1 << 30)
>  #define SMB3_DEF_DCLOSETIMEO (1 * HZ) /* even 1 sec enough to help eg open/write/close/open/read */
> +
> +extern char *cifs_sanitize_prepath(char *prepath, gfp_t gfp);
> +
>  #endif
> diff --git a/fs/cifs/misc.c b/fs/cifs/misc.c
> index b44fb51968bfb..7f085ed2d866b 100644
> --- a/fs/cifs/misc.c
> +++ b/fs/cifs/misc.c
> @@ -1195,7 +1195,7 @@ int cifs_update_super_prepath(struct cifs_sb_info *cifs_sb, char *prefix)
>         kfree(cifs_sb->prepath);
>
>         if (prefix && *prefix) {
> -               cifs_sb->prepath = kstrdup(prefix, GFP_ATOMIC);
> +               cifs_sb->prepath = cifs_sanitize_prepath(prefix, GFP_ATOMIC);
>                 if (!cifs_sb->prepath)
>                         return -ENOMEM;
>
> --
> 2.39.2
>
diff mbox series

Patch

diff --git a/fs/cifs/fs_context.c b/fs/cifs/fs_context.c
index 6d13f8207e96a..ace11a1a7c8ab 100644
--- a/fs/cifs/fs_context.c
+++ b/fs/cifs/fs_context.c
@@ -441,13 +441,14 @@  int smb3_parse_opt(const char *options, const char *key, char **val)
  * but there are some bugs that prevent rename from working if there are
  * multiple delimiters.
  *
- * Returns a sanitized duplicate of @path. The caller is responsible for
- * cleaning up the original.
+ * Returns a sanitized duplicate of @path. @gfp indicates the GFP_* flags
+ * for kstrdup.
+ * The caller is responsible for freeing the original.
  */
 #define IS_DELIM(c) ((c) == '/' || (c) == '\\')
-static char *sanitize_path(char *path)
+char *cifs_sanitize_prepath(char *prepath, gfp_t gfp)
 {
-	char *cursor1 = path, *cursor2 = path;
+	char *cursor1 = prepath, *cursor2 = prepath;
 
 	/* skip all prepended delimiters */
 	while (IS_DELIM(*cursor1))
@@ -469,7 +470,7 @@  static char *sanitize_path(char *path)
 		cursor2--;
 
 	*(cursor2) = '\0';
-	return kstrdup(path, GFP_KERNEL);
+	return kstrdup(prepath, gfp);
 }
 
 /*
@@ -531,7 +532,7 @@  smb3_parse_devname(const char *devname, struct smb3_fs_context *ctx)
 	if (!*pos)
 		return 0;
 
-	ctx->prepath = sanitize_path(pos);
+	ctx->prepath = cifs_sanitize_prepath(pos, GFP_KERNEL);
 	if (!ctx->prepath)
 		return -ENOMEM;
 
diff --git a/fs/cifs/fs_context.h b/fs/cifs/fs_context.h
index 3de00e7127ec4..f4eaf85589022 100644
--- a/fs/cifs/fs_context.h
+++ b/fs/cifs/fs_context.h
@@ -287,4 +287,7 @@  extern void smb3_update_mnt_flags(struct cifs_sb_info *cifs_sb);
  */
 #define SMB3_MAX_DCLOSETIMEO (1 << 30)
 #define SMB3_DEF_DCLOSETIMEO (1 * HZ) /* even 1 sec enough to help eg open/write/close/open/read */
+
+extern char *cifs_sanitize_prepath(char *prepath, gfp_t gfp);
+
 #endif
diff --git a/fs/cifs/misc.c b/fs/cifs/misc.c
index b44fb51968bfb..7f085ed2d866b 100644
--- a/fs/cifs/misc.c
+++ b/fs/cifs/misc.c
@@ -1195,7 +1195,7 @@  int cifs_update_super_prepath(struct cifs_sb_info *cifs_sb, char *prefix)
 	kfree(cifs_sb->prepath);
 
 	if (prefix && *prefix) {
-		cifs_sb->prepath = kstrdup(prefix, GFP_ATOMIC);
+		cifs_sb->prepath = cifs_sanitize_prepath(prefix, GFP_ATOMIC);
 		if (!cifs_sb->prepath)
 			return -ENOMEM;