Patch "afs: Hide silly-rename files from userspace" has been added to the 5.4-stable tree

Sasha Levin <sashal@xxxxxxxxxx> · Sat, 27 Jan 2024 07:57:54 -0500

This is a note to let you know that I've just added the patch titled

    afs: Hide silly-rename files from userspace

to the 5.4-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     afs-hide-silly-rename-files-from-userspace.patch
and it can be found in the queue-5.4 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.



commit 29aedf7c685dd6ad45a20870cef9bb6771b2c0a0
Author: David Howells <dhowells@xxxxxxxxxx>
Date:   Mon Jan 8 17:22:36 2024 +0000

    afs: Hide silly-rename files from userspace
    
    [ Upstream commit 57e9d49c54528c49b8bffe6d99d782ea051ea534 ]
    
    There appears to be a race between silly-rename files being created/removed
    and various userspace tools iterating over the contents of a directory,
    leading to such errors as:
    
            find: './kernel/.tmp_cpio_dir/include/dt-bindings/reset/.__afs2080': No such file or directory
            tar: ./include/linux/greybus/.__afs3C95: File removed before we read it
    
    when building a kernel.
    
    Fix afs_readdir() so that it doesn't return .__afsXXXX silly-rename files
    to userspace.  This doesn't stop them being looked up directly by name as
    we need to be able to look them up from within the kernel as part of the
    silly-rename algorithm.
    
    Fixes: 79ddbfa500b3 ("afs: Implement sillyrename for unlink and rename")
    Signed-off-by: David Howells <dhowells@xxxxxxxxxx>
    cc: Marc Dionne <marc.dionne@xxxxxxxxxxxx>
    cc: linux-afs@xxxxxxxxxxxxxxxxxxx
    Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>

diff --git a/fs/afs/dir.c b/fs/afs/dir.c
index 43f5b972fcea..8bed9df09230 100644
--- a/fs/afs/dir.c
+++ b/fs/afs/dir.c
@@ -421,6 +421,14 @@ static int afs_dir_iterate_block(struct afs_vnode *dvnode,
 			continue;
 		}
 
+		/* Don't expose silly rename entries to userspace. */
+		if (nlen > 6 &&
+		    dire->u.name[0] == '.' &&
+		    ctx->actor != afs_lookup_filldir &&
+		    ctx->actor != afs_lookup_one_filldir &&
+		    memcmp(dire->u.name, ".__afs", 6) == 0)
+			continue;
+
 		/* found the next entry */
 		if (!dir_emit(ctx, dire->u.name, nlen,
 			      ntohl(dire->u.vnode),







