Page MenuHomeFreeBSD

fusefs: handle evil servers that return illegal inode numbers
ClosedPublic

Authored by asomers on May 4 2022, 11:40 PM.
Tags
None
Referenced Files
Unknown Object (File)
Wed, May 15, 10:37 PM
Unknown Object (File)
Fri, May 3, 5:39 PM
Unknown Object (File)
Tue, Apr 30, 8:17 PM
Unknown Object (File)
Tue, Apr 30, 8:02 PM
Unknown Object (File)
Sun, Apr 28, 1:46 PM
Unknown Object (File)
Sun, Apr 28, 10:42 AM
Unknown Object (File)
Apr 22 2024, 7:00 AM
Unknown Object (File)
Mar 28 2024, 6:47 PM
Subscribers

Details

Summary

fusefs: handle evil servers that return illegal inode numbers

  • If during FUSE_CREATE, FUSE_MKDIR, etc the server returns the same inode number for the new file as for its parent directory, reject it. Previously this would triggers a recurse-on-non-recursive lock panic.
  • If during FUSE_LINK the server returns a different inode number for the new name as for the old one, reject it. Obviously, that can't be a hard link.
  • If during FUSE_LOOKUP the server returns the same inode number for the new file as for its parent directory, reject it. Nothing good can come of this.

PR: 263662
Reported by: Robert Morris <rtm@lcs.mit.edu>
MFC after: 2 weeks

Test Plan

tests added

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable