projects / linux-block.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 92f08e9) | patch
afs: Add rootcell checks
authorDavid Howells <dhowells@redhat.com>
Tue, 7 Jan 2025 18:34:50 +0000 (18:34 +0000)
committerChristian Brauner <brauner@kernel.org>
Fri, 10 Jan 2025 13:54:07 +0000 (14:54 +0100)
commit3e914febd79a8d1a78ee6e67ff3fa4214d6d1d57
treec946b49553e9b25cf055f367afd6b7ea9a1c5e12tree
parent92f08e9d3cf0f8005ac6fcb931e3c388efc3ac49commit | diff
afs: Add rootcell checks

Add some checks for the validity of the cell name.  It's may get put into a
symlink, so preclude it containing any slashes or "..".  Also disallow
starting/ending with a dot.  This makes /afs/@cell/ as a symlink less of a
security risk.

Also disallow multiple setting of /proc/net/afs/rootcell for any given
network namespace.  Once set, the value may not be changed.  This makes it
easier to only create /afs/@cell and /afs/.@cell if there's a rootcell.

Signed-off-by: David Howells <dhowells@redhat.com>
Link: https://lore.kernel.org/r/20250107183454.608451-3-dhowells@redhat.com
cc: Marc Dionne <marc.dionne@auristor.com>
cc: linux-afs@lists.infradead.org
Signed-off-by: Christian Brauner <brauner@kernel.org>
fs/afs/cell.c diff | blob | blame | history
fs/afs/proc.c diff | blob | blame | history
Linux 6.x block layer and io_uring tree(s)