+++ /dev/null
-From 8c4bca10ceafc43b1ca0a9fab5fa27e13cbce99e Mon Sep 17 00:00:00 2001
-From: Eric Biggers <ebiggers@google.com>
-Date: Thu, 1 Jul 2021 23:53:47 -0700
-Subject: ext4: report correct st_size for encrypted symlinks
-
-From: Eric Biggers <ebiggers@google.com>
-
-commit 8c4bca10ceafc43b1ca0a9fab5fa27e13cbce99e upstream.
-
-The stat() family of syscalls report the wrong size for encrypted
-symlinks, which has caused breakage in several userspace programs.
-
-Fix this by calling fscrypt_symlink_getattr() after ext4_getattr() for
-encrypted symlinks. This function computes the correct size by reading
-and decrypting the symlink target (if it's not already cached).
-
-For more details, see the commit which added fscrypt_symlink_getattr().
-
-Fixes: f348c252320b ("ext4 crypto: add symlink encryption")
-Cc: stable@vger.kernel.org
-Link: https://lore.kernel.org/r/20210702065350.209646-3-ebiggers@kernel.org
-Signed-off-by: Eric Biggers <ebiggers@google.com>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- fs/ext4/symlink.c | 12 +++++++++++-
- 1 file changed, 11 insertions(+), 1 deletion(-)
-
---- a/fs/ext4/symlink.c
-+++ b/fs/ext4/symlink.c
-@@ -52,10 +52,20 @@ static const char *ext4_encrypted_get_li
- return paddr;
- }
-
-+static int ext4_encrypted_symlink_getattr(struct user_namespace *mnt_userns,
-+ const struct path *path,
-+ struct kstat *stat, u32 request_mask,
-+ unsigned int query_flags)
-+{
-+ ext4_getattr(mnt_userns, path, stat, request_mask, query_flags);
-+
-+ return fscrypt_symlink_getattr(path, stat);
-+}
-+
- const struct inode_operations ext4_encrypted_symlink_inode_operations = {
- .get_link = ext4_encrypted_get_link,
- .setattr = ext4_setattr,
-- .getattr = ext4_getattr,
-+ .getattr = ext4_encrypted_symlink_getattr,
- .listxattr = ext4_listxattr,
- };
-
+++ /dev/null
-From 461b43a8f92e68e96c4424b31e15f2b35f1bbfa9 Mon Sep 17 00:00:00 2001
-From: Eric Biggers <ebiggers@google.com>
-Date: Thu, 1 Jul 2021 23:53:48 -0700
-Subject: f2fs: report correct st_size for encrypted symlinks
-
-From: Eric Biggers <ebiggers@google.com>
-
-commit 461b43a8f92e68e96c4424b31e15f2b35f1bbfa9 upstream.
-
-The stat() family of syscalls report the wrong size for encrypted
-symlinks, which has caused breakage in several userspace programs.
-
-Fix this by calling fscrypt_symlink_getattr() after f2fs_getattr() for
-encrypted symlinks. This function computes the correct size by reading
-and decrypting the symlink target (if it's not already cached).
-
-For more details, see the commit which added fscrypt_symlink_getattr().
-
-Fixes: cbaf042a3cc6 ("f2fs crypto: add symlink encryption")
-Cc: stable@vger.kernel.org
-Link: https://lore.kernel.org/r/20210702065350.209646-4-ebiggers@kernel.org
-Signed-off-by: Eric Biggers <ebiggers@google.com>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- fs/f2fs/namei.c | 12 +++++++++++-
- 1 file changed, 11 insertions(+), 1 deletion(-)
-
---- a/fs/f2fs/namei.c
-+++ b/fs/f2fs/namei.c
-@@ -1256,9 +1256,19 @@ static const char *f2fs_encrypted_get_li
- return target;
- }
-
-+static int f2fs_encrypted_symlink_getattr(struct user_namespace *mnt_userns,
-+ const struct path *path,
-+ struct kstat *stat, u32 request_mask,
-+ unsigned int query_flags)
-+{
-+ f2fs_getattr(mnt_userns, path, stat, request_mask, query_flags);
-+
-+ return fscrypt_symlink_getattr(path, stat);
-+}
-+
- const struct inode_operations f2fs_encrypted_symlink_inode_operations = {
- .get_link = f2fs_encrypted_get_link,
-- .getattr = f2fs_getattr,
-+ .getattr = f2fs_encrypted_symlink_getattr,
- .setattr = f2fs_setattr,
- #ifdef CONFIG_F2FS_FS_XATTR
- .listxattr = f2fs_listxattr,
+++ /dev/null
-From d18760560593e5af921f51a8c9b64b6109d634c2 Mon Sep 17 00:00:00 2001
-From: Eric Biggers <ebiggers@google.com>
-Date: Thu, 1 Jul 2021 23:53:46 -0700
-Subject: fscrypt: add fscrypt_symlink_getattr() for computing st_size
-
-From: Eric Biggers <ebiggers@google.com>
-
-commit d18760560593e5af921f51a8c9b64b6109d634c2 upstream.
-
-Add a helper function fscrypt_symlink_getattr() which will be called
-from the various filesystems' ->getattr() methods to read and decrypt
-the target of encrypted symlinks in order to report the correct st_size.
-
-Detailed explanation:
-
-As required by POSIX and as documented in various man pages, st_size for
-a symlink is supposed to be the length of the symlink target.
-Unfortunately, st_size has always been wrong for encrypted symlinks
-because st_size is populated from i_size from disk, which intentionally
-contains the length of the encrypted symlink target. That's slightly
-greater than the length of the decrypted symlink target (which is the
-symlink target that userspace usually sees), and usually won't match the
-length of the no-key encoded symlink target either.
-
-This hadn't been fixed yet because reporting the correct st_size would
-require reading the symlink target from disk and decrypting or encoding
-it, which historically has been considered too heavyweight to do in
-->getattr(). Also historically, the wrong st_size had only broken a
-test (LTP lstat03) and there were no known complaints from real users.
-(This is probably because the st_size of symlinks isn't used too often,
-and when it is, typically it's for a hint for what buffer size to pass
-to readlink() -- which a slightly-too-large size still works for.)
-
-However, a couple things have changed now. First, there have recently
-been complaints about the current behavior from real users:
-
-- Breakage in rpmbuild:
- https://github.com/rpm-software-management/rpm/issues/1682
- https://github.com/google/fscrypt/issues/305
-
-- Breakage in toybox cpio:
- https://www.mail-archive.com/toybox@lists.landley.net/msg07193.html
-
-- Breakage in libgit2: https://issuetracker.google.com/issues/189629152
- (on Android public issue tracker, requires login)
-
-Second, we now cache decrypted symlink targets in ->i_link. Therefore,
-taking the performance hit of reading and decrypting the symlink target
-in ->getattr() wouldn't be as big a deal as it used to be, since usually
-it will just save having to do the same thing later.
-
-Also note that eCryptfs ended up having to read and decrypt symlink
-targets in ->getattr() as well, to fix this same issue; see
-commit 3a60a1686f0d ("eCryptfs: Decrypt symlink target for stat size").
-
-So, let's just bite the bullet, and read and decrypt the symlink target
-in ->getattr() in order to report the correct st_size. Add a function
-fscrypt_symlink_getattr() which the filesystems will call to do this.
-
-(Alternatively, we could store the decrypted size of symlinks on-disk.
-But there isn't a great place to do so, and encryption is meant to hide
-the original size to some extent; that property would be lost.)
-
-Cc: stable@vger.kernel.org
-Link: https://lore.kernel.org/r/20210702065350.209646-2-ebiggers@kernel.org
-Signed-off-by: Eric Biggers <ebiggers@google.com>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- fs/crypto/hooks.c | 44 ++++++++++++++++++++++++++++++++++++++++++++
- include/linux/fscrypt.h | 7 +++++++
- 2 files changed, 51 insertions(+)
-
---- a/fs/crypto/hooks.c
-+++ b/fs/crypto/hooks.c
-@@ -305,3 +305,47 @@ err_kfree:
- return ERR_PTR(err);
- }
- EXPORT_SYMBOL_GPL(fscrypt_get_symlink);
-+
-+/**
-+ * fscrypt_symlink_getattr() - set the correct st_size for encrypted symlinks
-+ * @path: the path for the encrypted symlink being queried
-+ * @stat: the struct being filled with the symlink's attributes
-+ *
-+ * Override st_size of encrypted symlinks to be the length of the decrypted
-+ * symlink target (or the no-key encoded symlink target, if the key is
-+ * unavailable) rather than the length of the encrypted symlink target. This is
-+ * necessary for st_size to match the symlink target that userspace actually
-+ * sees. POSIX requires this, and some userspace programs depend on it.
-+ *
-+ * This requires reading the symlink target from disk if needed, setting up the
-+ * inode's encryption key if possible, and then decrypting or encoding the
-+ * symlink target. This makes lstat() more heavyweight than is normally the
-+ * case. However, decrypted symlink targets will be cached in ->i_link, so
-+ * usually the symlink won't have to be read and decrypted again later if/when
-+ * it is actually followed, readlink() is called, or lstat() is called again.
-+ *
-+ * Return: 0 on success, -errno on failure
-+ */
-+int fscrypt_symlink_getattr(const struct path *path, struct kstat *stat)
-+{
-+ struct dentry *dentry = path->dentry;
-+ struct inode *inode = d_inode(dentry);
-+ const char *link;
-+ DEFINE_DELAYED_CALL(done);
-+
-+ /*
-+ * To get the symlink target that userspace will see (whether it's the
-+ * decrypted target or the no-key encoded target), we can just get it in
-+ * the same way the VFS does during path resolution and readlink().
-+ */
-+ link = READ_ONCE(inode->i_link);
-+ if (!link) {
-+ link = inode->i_op->get_link(dentry, inode, &done);
-+ if (IS_ERR(link))
-+ return PTR_ERR(link);
-+ }
-+ stat->size = strlen(link);
-+ do_delayed_call(&done);
-+ return 0;
-+}
-+EXPORT_SYMBOL_GPL(fscrypt_symlink_getattr);
---- a/include/linux/fscrypt.h
-+++ b/include/linux/fscrypt.h
-@@ -298,6 +298,7 @@ extern int __fscrypt_encrypt_symlink(str
- extern const char *fscrypt_get_symlink(struct inode *inode, const void *caddr,
- unsigned int max_size,
- struct delayed_call *done);
-+int fscrypt_symlink_getattr(const struct path *path, struct kstat *stat);
- static inline void fscrypt_set_ops(struct super_block *sb,
- const struct fscrypt_operations *s_cop)
- {
-@@ -585,6 +586,12 @@ static inline const char *fscrypt_get_sy
- return ERR_PTR(-EOPNOTSUPP);
- }
-
-+static inline int fscrypt_symlink_getattr(const struct path *path,
-+ struct kstat *stat)
-+{
-+ return -EOPNOTSUPP;
-+}
-+
- static inline void fscrypt_set_ops(struct super_block *sb,
- const struct fscrypt_operations *s_cop)
- {
arm64-dts-qcom-msm8994-angler-fix-gpio-reserved-ranges-85-88.patch
btrfs-fix-null-pointer-dereference-when-deleting-device-by-invalid-id.patch
revert-floppy-reintroduce-o_ndelay-fix.patch
-fscrypt-add-fscrypt_symlink_getattr-for-computing-st_size.patch
-ext4-report-correct-st_size-for-encrypted-symlinks.patch
-f2fs-report-correct-st_size-for-encrypted-symlinks.patch
-ubifs-report-correct-st_size-for-encrypted-symlinks.patch
revert-parisc-add-assembly-implementations-for-memset-strlen-strcpy-strncpy-and-strcat.patch
net-don-t-unconditionally-copy_from_user-a-struct-ifreq-for-socket-ioctls.patch
+++ /dev/null
-From 064c734986011390b4d111f1a99372b7f26c3850 Mon Sep 17 00:00:00 2001
-From: Eric Biggers <ebiggers@google.com>
-Date: Thu, 1 Jul 2021 23:53:49 -0700
-Subject: ubifs: report correct st_size for encrypted symlinks
-
-From: Eric Biggers <ebiggers@google.com>
-
-commit 064c734986011390b4d111f1a99372b7f26c3850 upstream.
-
-The stat() family of syscalls report the wrong size for encrypted
-symlinks, which has caused breakage in several userspace programs.
-
-Fix this by calling fscrypt_symlink_getattr() after ubifs_getattr() for
-encrypted symlinks. This function computes the correct size by reading
-and decrypting the symlink target (if it's not already cached).
-
-For more details, see the commit which added fscrypt_symlink_getattr().
-
-Fixes: ca7f85be8d6c ("ubifs: Add support for encrypted symlinks")
-Cc: stable@vger.kernel.org
-Link: https://lore.kernel.org/r/20210702065350.209646-5-ebiggers@kernel.org
-Signed-off-by: Eric Biggers <ebiggers@google.com>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- fs/ubifs/file.c | 13 ++++++++++++-
- 1 file changed, 12 insertions(+), 1 deletion(-)
-
---- a/fs/ubifs/file.c
-+++ b/fs/ubifs/file.c
-@@ -1629,6 +1629,17 @@ static const char *ubifs_get_link(struct
- return fscrypt_get_symlink(inode, ui->data, ui->data_len, done);
- }
-
-+static int ubifs_symlink_getattr(struct user_namespace *mnt_userns,
-+ const struct path *path, struct kstat *stat,
-+ u32 request_mask, unsigned int query_flags)
-+{
-+ ubifs_getattr(mnt_userns, path, stat, request_mask, query_flags);
-+
-+ if (IS_ENCRYPTED(d_inode(path->dentry)))
-+ return fscrypt_symlink_getattr(path, stat);
-+ return 0;
-+}
-+
- const struct address_space_operations ubifs_file_address_operations = {
- .readpage = ubifs_readpage,
- .writepage = ubifs_writepage,
-@@ -1654,7 +1665,7 @@ const struct inode_operations ubifs_file
- const struct inode_operations ubifs_symlink_inode_operations = {
- .get_link = ubifs_get_link,
- .setattr = ubifs_setattr,
-- .getattr = ubifs_getattr,
-+ .getattr = ubifs_symlink_getattr,
- #ifdef CONFIG_UBIFS_FS_XATTR
- .listxattr = ubifs_listxattr,
- #endif
projects / thirdparty / kernel / stable-queue.git / commitdiff
