projects / linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 0730e8d) | patch
xfs: hide private inodes from bulkstat and handle functions
authorDarrick J. Wong <djwong@kernel.org>
Mon, 15 Apr 2024 21:54:27 +0000 (14:54 -0700)
committerDarrick J. Wong <djwong@kernel.org>
Mon, 15 Apr 2024 21:58:48 +0000 (14:58 -0700)
commitcab23a4233c601668da51dd53776f1f83d0dccee
treec3d06a0c96adf86abaa732e752bcd8caa1ca4a5ctree | snapshot
parent0730e8d8ba1d1507f1d7fd719e1f835ce69961fecommit | diff
xfs: hide private inodes from bulkstat and handle functions

We're about to start adding functionality that uses internal inodes that
are private to XFS.  What this means is that userspace should never be
able to access any information about these files, and should not be able
to open these files by handle.

To prevent users from ever finding the file or mis-interactions with the
security apparatus, set S_PRIVATE on the inode.  Don't allow bulkstat,
open-by-handle, or linking of S_PRIVATE files into the directory tree.
This should keep private inodes actually private.

Signed-off-by: Darrick J. Wong <djwong@kernel.org>
Reviewed-by: Christoph Hellwig <hch@lst.de>
fs/xfs/xfs_export.c diff | blob | history
fs/xfs/xfs_iops.c diff | blob | history
fs/xfs/xfs_itable.c diff | blob | history
ep93xx device tree rework repo: git://git.maquefel.me/linux.git