fuse2fs: check for supported xattr name prefixes

Ignore any xattr calls for name prefixes that the kernel doesn't also
support.

Signed-off-by: Darrick J. Wong <djwong@kernel.org>
Link: https://lore.kernel.org/r/174786677959.1383760.12099114841852662650.stgit@frogsfrogsfrogs
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

diff --git a/lib/ext2fs/ext2fsP.h b/lib/ext2fs/ext2fsP.h
index d1f2105e9813caddb355ea54ae80da781d815457..428081c9e2ff38df5bcb488fd12658cfb0493365 100644 (file)
--- a/lib/ext2fs/ext2fsP.h
+++ b/lib/ext2fs/ext2fsP.h
@@ -214,4 +214,7 @@ typedef void (*ext2_exit_fn)(void *);
 errcode_t ext2fs_add_exit_fn(ext2_exit_fn fn, void *data);
 errcode_t ext2fs_remove_exit_fn(ext2_exit_fn fn, void *data);
 
+#define ARRAY_SIZE(array)                      \
+        (sizeof(array) / sizeof(array[0]))
+
 #define EXT2FS_BUILD_BUG_ON(cond) ((void)sizeof(char[1 - 2*!!(cond)]))

diff --git a/misc/fuse2fs.c b/misc/fuse2fs.c
index 0d65d63b7eeb13fa5afd8f25c6838964a78db706..9bfddb8ccc82132b128f77d2f7254457aa924e20 100644 (file)
--- a/misc/fuse2fs.c
+++ b/misc/fuse2fs.c
@@ -2474,6 +2474,27 @@ static int op_statfs(const char *path EXT2FS_ATTR((unused)),
        return 0;
 }
 
+static const char *valid_xattr_prefixes[] = {
+       "user.",
+       "trusted.",
+       "security.",
+       "gnu.",
+       "system.",
+};
+
+static int validate_xattr_name(const char *name)
+{
+       int i;
+
+       for (i = 0; i < ARRAY_SIZE(valid_xattr_prefixes); i++) {
+               if (!strncmp(name, valid_xattr_prefixes[i],
+                                       strlen(valid_xattr_prefixes[i])))
+                       return 1;
+       }
+
+       return 0;
+}
+
 static int op_getxattr(const char *path, const char *key, char *value,
                       size_t len)
 {
@@ -2487,6 +2508,9 @@ static int op_getxattr(const char *path, const char *key, char *value,
        errcode_t err;
        int ret = 0;
 
+       if (!validate_xattr_name(key))
+               return -ENODATA;
+
        FUSE2FS_CHECK_CONTEXT(ff);
        fs = ff->fs;
        pthread_mutex_lock(&ff->bfl);
@@ -2657,6 +2681,9 @@ static int op_setxattr(const char *path EXT2FS_ATTR((unused)),
        if (flags & ~(XATTR_CREATE | XATTR_REPLACE))
                return -EOPNOTSUPP;
 
+       if (!validate_xattr_name(key))
+               return -EINVAL;
+
        FUSE2FS_CHECK_CONTEXT(ff);
        fs = ff->fs;
        pthread_mutex_lock(&ff->bfl);
@@ -2745,6 +2772,16 @@ static int op_removexattr(const char *path, const char *key)
        errcode_t err;
        int ret = 0;
 
+       /*
+        * Once in a while libfuse gives us a no-name xattr to delete as part
+        * of clearing ACLs.  Just pretend we cleared them.
+        */
+       if (key[0] == 0)
+               return 0;
+
+       if (!validate_xattr_name(key))
+               return -ENODATA;
+
        FUSE2FS_CHECK_CONTEXT(ff);
        fs = ff->fs;
        pthread_mutex_lock(&ff->bfl);