git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Benjamin Berg <benjamin.berg@intel.com>
	Fri, 14 Feb 2025 09:28:22 +0000 (10:28 +0100)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Thu, 10 Apr 2025 12:39:25 +0000 (14:39 +0200)
commit	a8edfc206ed109201c9d1dc7a5da3d3da20949d5
tree	a9c80daef71f2229c2be0a7636ea3c60368fedda	tree
parent	5b37d2370d0c37fbf4dd7e6842cd1e0145605fbc	commit \| diff

um: hostfs: avoid issues on inode number reuse by host

[ Upstream commit 0bc754d1e31f40f4a343b692096d9e092ccc0370 ]

Some file systems (e.g. ext4) may reuse inode numbers once the inode is
not in use anymore. Usually hostfs will keep an FD open for each inode,
but this is not always the case. In the case of sockets, this cannot
even be done properly.

As such, the following sequence of events was possible:
* application creates and deletes a socket
* hostfs creates/deletes the socket on the host
* inode is still in the hostfs cache
* hostfs creates a new file
* ext4 on the outside reuses the inode number
* hostfs finds the socket inode for the newly created file
* application receives -ENXIO when opening the file

As mentioned, this can only happen if the deleted file is a special file
that is never opened on the host (i.e. no .open fop).

As such, to prevent issues, it is sufficient to check that the inode
has the expected type. That said, also add a check for the inode birth
time, just to be on the safe side.

Fixes: 74ce793bcbde ("hostfs: Fix ephemeral inodes")
Signed-off-by: Benjamin Berg <benjamin.berg@intel.com>
Reviewed-by: Mickaël Salaün <mic@digikod.net>
Tested-by: Mickaël Salaün <mic@digikod.net>
Link: https://patch.msgid.link/20250214092822.1241575-1-benjamin@sipsolutions.net
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>

fs/hostfs/hostfs.h		diff \| blob \| blame \| history
fs/hostfs/hostfs_kern.c		diff \| blob \| blame \| history
fs/hostfs/hostfs_user.c		diff \| blob \| blame \| history