linux-stable/fs
J. Bruce Fields 4aef760c28 nfsd4: readdirplus shouldn't return parent of export
commit 51b2ee7d00 upstream.

If you export a subdirectory of a filesystem, a READDIRPLUS on the root
of that export will return the filehandle of the parent with the ".."
entry.

The filehandle is optional, so let's just not return the filehandle for
".." if we're at the root of an export.

Note that once the client learns one filehandle outside of the export,
they can trivially access the rest of the export using further lookups.

However, it is also not very difficult to guess filehandles outside of
the export.  So exporting a subdirectory of a filesystem should
considered equivalent to providing access to the entire filesystem.  To
avoid confusion, we recommend only exporting entire filesystems.

Reported-by: Youjipeng <wangzhibei1999@gmail.com>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Cc: stable@vger.kernel.org
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2021-01-23 15:57:56 +01:00
..
9p 9P: Cast to loff_t before multiplying 2020-11-05 11:43:34 +01:00
adfs Merge branch 'work.adfs' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2019-07-19 11:33:22 -07:00
affs affs: fix basic permission bits to actually work 2020-09-09 19:12:34 +02:00
afs afs: Fix memory leak when mounting with multiple source parameters 2020-12-30 11:50:54 +01:00
autofs autofs: fix a leak in autofs_expire_indirect() 2019-10-25 00:03:11 -04:00
befs fs: Fill in max and min timestamps in superblock 2019-08-30 07:27:17 -07:00
bfs bfs: don't use WARNING: string when it's just info. 2021-01-06 14:48:39 +01:00
btrfs btrfs: fix transaction leak and crash after RO remount caused by qgroup rescan 2021-01-19 18:26:14 +01:00
cachefiles cachefiles: Handle readpage error correctly 2020-11-05 11:43:36 +01:00
ceph ceph: fix race in concurrent __ceph_remove_cap invocations 2020-12-30 11:51:40 +01:00
cifs cifs: fix interrupted close commands 2021-01-19 18:26:13 +01:00
coda y2038: add inode timestamp clamping 2019-09-19 09:42:37 -07:00
configfs configfs: fix config_item refcnt leak in configfs_rmdir() 2020-05-27 17:46:30 +02:00
cramfs cramfs: fix usage on non-MTD device 2019-11-23 21:44:49 -05:00
crypto fscrypt: remove kernel-internal constants from UAPI header 2021-01-06 14:48:35 +01:00
debugfs debugfs: Fix module state check condition 2020-09-17 13:47:55 +02:00
devpts devpts_pty_kill(): don't bother with d_delete() 2019-09-03 09:30:56 -04:00
dlm fs: dlm: fix configfs memory leak 2020-10-29 09:58:03 +01:00
ecryptfs ecryptfs: replace BUG_ON with error handling code 2020-02-28 17:22:26 +01:00
efivarfs efivarfs: revert "fix memory leak in efivarfs_create()" 2020-12-02 08:49:53 +01:00
efs fs: Fill in max and min timestamps in superblock 2019-08-30 07:27:17 -07:00
erofs erofs: avoid using generic_block_bmap 2020-12-30 11:51:23 +01:00
exportfs exportfs_decode_fh(): negative pinned may become positive without the parent locked 2019-11-10 11:56:05 -05:00
ext2 ext2: don't update mtime on COW faults 2020-09-09 19:12:30 +02:00
ext4 ext4: fix superblock checksum failure when setting password salt 2021-01-19 18:26:17 +01:00
f2fs f2fs: avoid race condition for shrinker count 2021-01-06 14:48:40 +01:00
fat fat: don't allow to mount if the FAT length == 0 2020-06-17 16:40:36 +02:00
freevxfs fs: Fill in max and min timestamps in superblock 2019-08-30 07:27:17 -07:00
fscache
fuse fuse: fix bad inode 2021-01-09 13:44:54 +01:00
gfs2 gfs2: check for empty rgrp tree in gfs2_ri_update 2020-12-11 13:23:32 +01:00
hfs
hfsplus hfsplus: fix crash and filesystem corruption when deleting files 2020-04-17 10:50:22 +02:00
hostfs
hpfs fs: hpfs: Initialize filesystem timestamp ranges 2019-08-30 08:11:25 -07:00
hugetlbfs hugetlbfs: prevent filesystem stacking of hugetlbfs 2020-09-03 11:26:48 +02:00
iomap iomap: fix WARN_ON_ONCE() from unprivileged users 2020-10-29 09:58:06 +01:00
isofs y2038: add inode timestamp clamping 2019-09-19 09:42:37 -07:00
jbd2 jbd2: fix up sparse warnings in checkpoint code 2020-11-18 19:20:30 +01:00
jffs2 jffs2: Fix NULL pointer dereference in rp_size fs option parsing 2021-01-06 14:48:37 +01:00
jfs jfs: Fix array index bounds check in dbAdjTree 2020-12-30 11:51:40 +01:00
kernfs kernfs: do not call fsnotify() with name without a parent 2020-08-19 08:16:12 +02:00
lockd lockd: don't use interval-based rebinding over TCP 2020-12-30 11:51:16 +01:00
minix fs/minix: remove expected error message in block_to_path() 2020-08-21 13:05:37 +02:00
nfs NFS: nfs_igrab_and_active must first reference the superblock 2021-01-19 18:26:17 +01:00
nfs_common nfs_common: need lock during iterate through the list 2020-12-30 11:51:22 +01:00
nfsd nfsd4: readdirplus shouldn't return parent of export 2021-01-23 15:57:56 +01:00
nilfs2 nilfs2: fix null pointer dereference at nilfs_segctor_do_construct() 2020-06-17 16:40:29 +02:00
nls
notify fanotify: fix ignore mask logic for events on child and on dir 2020-06-17 16:40:24 +02:00
ntfs ntfs: add check for mft record size in superblock 2020-10-29 09:58:03 +01:00
ocfs2 ocfs2: initialize ip_next_orphan 2020-11-18 19:20:30 +01:00
omfs fs: omfs: Initialize filesystem timestamp ranges 2019-08-30 08:11:25 -07:00
openpromfs Merge branch 'work.mount0' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2019-07-19 10:42:02 -07:00
orangefs orangefs: get rid of knob code... 2020-08-21 13:05:29 +02:00
overlayfs ovl: fix unneeded call to ovl_change_flags() 2020-07-22 09:33:12 +02:00
proc proc: fix lookup in /proc/net subdirectories after setns(2) 2021-01-12 20:16:10 +01:00
pstore pstore: Fix linking when crypto API disabled 2020-08-19 08:16:27 +02:00
qnx4 fs: Fill in max and min timestamps in superblock 2019-08-30 07:27:17 -07:00
qnx6 fs: Fill in max and min timestamps in superblock 2019-08-30 07:27:17 -07:00
quota quota: Don't overflow quota file offsets 2021-01-06 14:48:39 +01:00
ramfs ramfs: fix nommu mmap with gaps in the page cache 2020-10-29 09:57:53 +01:00
reiserfs reiserfs: add check for an invalid ih_entry_count 2021-01-06 14:48:38 +01:00
romfs romfs: fix uninitialized memory leak in romfs_dev_read() 2020-08-26 10:40:51 +02:00
squashfs Merge branch 'work.mount2' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2019-09-19 10:06:57 -07:00
sysfs Merge branch 'work.mount0' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2019-07-19 10:42:02 -07:00
sysv fs: sysv: Initialize filesystem timestamp ranges 2019-08-30 07:27:18 -07:00
tracefs tracing: Do not create tracefs files if tracefs lockdown is in effect 2019-10-12 20:49:07 -04:00
ubifs ubifs: prevent creating duplicate encrypted filenames 2021-01-06 14:48:35 +01:00
udf udf: Fix memory leak when mounting 2020-11-05 11:43:29 +01:00
ufs fs/ufs: avoid potential u32 multiplication overflow 2020-08-21 13:05:37 +02:00
unicode unicode: make array 'token' static const, makes object smaller 2019-09-17 11:48:24 -04:00
verity fs-verity: support builtin file signatures 2019-08-12 19:33:50 -07:00
xfs xfs: revert "xfs: fix rmap key and record comparison functions" 2020-11-24 13:29:18 +01:00
aio.c aio: fix async fsync creds 2020-06-17 16:40:24 +02:00
anon_inodes.c Merge branch 'work.mount0' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2019-07-19 10:42:02 -07:00
attr.c utimes: Clamp the timestamps in notify_change() 2020-02-11 04:35:12 -08:00
bad_inode.c
binfmt_aout.c
binfmt_elf.c fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info() 2020-06-03 08:21:27 +02:00
binfmt_elf_fdpic.c
binfmt_em86.c
binfmt_flat.c binfmt_flat: revert "binfmt_flat: don't offset the data start" 2020-09-03 11:26:39 +02:00
binfmt_misc.c Merge branch 'work.mount0' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2019-07-19 10:42:02 -07:00
binfmt_script.c
block_dev.c bdev: Reduce time holding bd_mutex in sync in blkdev_close() 2020-10-01 13:17:55 +02:00
buffer.c fs: Don't invalidate page buffers in block_write_full_page() 2020-11-05 11:43:24 +01:00
char_dev.c chardev: Avoid potential use-after-free in 'chrdev_open()' 2020-01-14 20:08:18 +01:00
compat.c
compat_binfmt_elf.c
compat_ioctl.c fix compat handling of FICLONERANGE, FIDEDUPERANGE and FS_IOC_FIEMAP 2020-01-09 10:20:05 +01:00
coredump.c coredump: fix core_pattern parse error 2020-12-11 13:23:30 +01:00
d_path.c fs: fix NULL dereference due to data race in prepend_path() 2020-10-29 09:57:45 +01:00
dax.c dax: pass NOWAIT flag to iomap_apply 2020-03-05 16:43:36 +01:00
dcache.c fix dget_parent() fastpath race 2020-10-01 13:17:19 +02:00
dcookies.c
direct-io.c fs/direct-io.c: fix kernel-doc warning 2019-10-14 15:04:01 -07:00
drop_caches.c fs: avoid softlockups in s_inodes iterators 2020-01-12 12:21:37 +01:00
eventfd.c eventfd: track eventfd_signal() recursion depth 2020-02-11 04:35:37 -08:00
eventpoll.c ep_create_wakeup_source(): dentry name can change under you... 2020-10-07 08:01:31 +02:00
exec.c exec: Transform exec_update_mutex into a rw_semaphore 2021-01-09 13:44:55 +01:00
fcntl.c fcntl: Fix potential deadlock in send_sig{io, urg}() 2021-01-06 14:48:39 +01:00
fhandle.c fs/handle.c - fix up kerneldoc 2019-08-07 21:51:47 -04:00
file.c fix multiplication overflow in copy_fdtable() 2020-05-27 17:46:12 +02:00
file_table.c vfs: Export flush_delayed_fput for use by knfsd. 2019-08-19 11:00:39 -04:00
filesystems.c fs/filesystems.c: downgrade user-reachable WARN_ONCE() to pr_warn_once() 2020-04-17 10:50:21 +02:00
fs-writeback.c writeback: Fix sync livelock due to b_dirty_time processing 2020-09-03 11:27:04 +02:00
fs_context.c vfs: subtype handling moved to fuse 2019-09-06 21:28:49 +02:00
fs_parser.c vfs: Make fs_parse() handle fs_param_is_fd-type params better 2019-09-12 21:06:14 -04:00
fs_pin.c switch the remnants of releasing the mountpoint away from fs_pin 2019-07-16 22:52:37 -04:00
fs_struct.c
fs_types.c
fsopen.c Merge branch 'work.mount0' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2019-07-19 10:42:02 -07:00
inode.c futex: Fix inode life-time issue 2020-03-25 08:25:58 +01:00
internal.h fs: move guard_bio_eod() after bio_set_op_attrs 2020-01-17 19:48:21 +01:00
io_uring.c io_uring: Fix double list add in io_queue_async_work() 2020-10-14 10:32:57 +02:00
ioctl.c compat_ioctl: add compat_ptr_ioctl() 2019-12-17 19:55:30 +01:00
Kconfig fs-verity for 5.4 2019-09-18 16:59:14 -07:00
Kconfig.binfmt
libfs.c libfs: fix error cast of negative value in simple_attr_write() 2020-11-24 13:29:19 +01:00
locks.c locks: reinstate locks_delete_block optimization 2020-03-25 08:25:41 +01:00
Makefile fs-verity for 5.4 2019-09-18 16:59:14 -07:00
mbcache.c
mount.h switch the remnants of releasing the mountpoint away from fs_pin 2019-07-16 22:52:37 -04:00
mpage.c fs: move guard_bio_eod() after bio_set_op_attrs 2020-01-17 19:48:21 +01:00
namei.c namei: only return -ECHILD from follow_dotdot_rcu() 2020-03-05 16:43:48 +01:00
namespace.c fs/namespace.c: WARN if mnt_count has become negative 2021-01-06 14:48:40 +01:00
no-block.c
nsfs.c
open.c cifs_atomic_open(): fix double-put on late allocation failure 2020-03-18 07:17:51 +01:00
pipe.c
pnode.c propagate_one(): mnt_set_mountpoint() needs mount_lock 2020-05-02 08:48:44 +02:00
pnode.h fs/namespace.c: WARN if mnt_count has become negative 2021-01-06 14:48:40 +01:00
posix_acl.c
proc_namespace.c vfs: subtype handling moved to fuse 2019-09-06 21:28:49 +02:00
read_write.c fs: allow deduplication of eof block into the end of the destination file 2020-02-11 04:35:23 -08:00
readdir.c readdir: be more conservative with directory entry names 2020-01-29 16:45:31 +01:00
select.c fs/select.c: use struct_size() in kmalloc() 2019-07-16 19:23:25 -07:00
seq_file.c seq_file: fix problem when seeking mid-record 2019-08-13 16:06:52 -07:00
signalfd.c fs/signalfd.c: fix inconsistent return codes for signalfd4 2020-08-26 10:40:58 +02:00
splice.c splice: only read in as much information as there is pipe buffer space 2019-12-17 19:56:52 +01:00
stack.c
stat.c
statfs.c vfs: Fix EOVERFLOW testing in put_compat_statfs64 2019-10-03 14:21:35 -07:00
super.c vfs: remove lockdep bogosity in __sb_start_write 2020-11-24 13:29:01 +01:00
sync.c
timerfd.c timerfd: Prepare for PREEMPT_RT 2019-08-01 20:51:23 +02:00
userfaultfd.c userfaultfd: require CAP_SYS_PTRACE for UFFD_FEATURE_EVENT_FORK 2020-01-04 19:18:32 +01:00
utimes.c utimes: Clamp the timestamps in notify_change() 2020-02-11 04:35:12 -08:00
xattr.c xattr: break delegations in {set,remove}xattr 2020-08-11 15:33:39 +02:00