Eric Sandeen d3cc7476b8 xfs: do not propagate ENODATA disk errors into xattr code ... commit ae668cd567a6a7622bc813ee0bb61c42bed61ba7 upstream. ENODATA (aka ENOATTR) has a very specific meaning in the xfs xattr code; namely, that the requested attribute name could not be found. However, a medium error from disk may also return ENODATA. At best, this medium error may escape to userspace as "attribute not found" when in fact it's an IO (disk) error. At worst, we may oops in xfs_attr_leaf_get() when we do: error = xfs_attr_leaf_hasname(args, &bp); if (error == -ENOATTR) { xfs_trans_brelse(args->trans, bp); return error; } because an ENODATA/ENOATTR error from disk leaves us with a null bp, and the xfs_trans_brelse will then null-deref it. As discussed on the list, we really need to modify the lower level IO functions to trap all disk errors and ensure that we don't let unique errors like this leak up into higher xfs functions - many like this should be remapped to EIO. However, this patch directly addresses a reported bug in the xattr code, and should be safe to backport to stable kernels. A larger-scope patch to handle more unique errors at lower levels can follow later. (Note, prior to 07120f1abd we did not oops, but we did return the wrong error code to userspace.) Signed-off-by: Eric Sandeen <sandeen@redhat.com> Fixes: 07120f1abd ("xfs: Add xfs_has_attr and subroutines") Cc: stable@vger.kernel.org # v5.9+ Reviewed-by: Darrick J. Wong <djwong@kernel.org> Signed-off-by: Carlos Maiolino <cem@kernel.org> [ Adjust context: removed metadata health tracking calls ] Signed-off-by: Sasha Levin <sashal@kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>		2025-09-04 15:30:29 +02:00
..
9p	fs/9p: fix uninitialized values during inode evict	2024-11-22 15:38:37 +01:00
adfs
affs	affs: don't write overlarge OFS data block size fields	2025-04-10 14:37:37 +02:00
afs	afs: Fix the server_list to unuse a displaced server rather than putting it	2025-03-07 16:45:38 +01:00
autofs
befs
bfs
btrfs	btrfs: send: make fs_path_len() inline and constify its argument	2025-08-28 16:28:41 +02:00
cachefiles	cachefiles: Fix the incorrect return value in __cachefiles_write()	2025-07-24 08:53:16 +02:00
ceph	ceph: fix possible integer overflow in ceph_zero_objects()	2025-07-06 11:00:08 +02:00
coda
configfs	configfs: Do not override creating attribute file failure in populate_attrs()	2025-06-27 11:08:42 +01:00
cramfs	fs: Convert to bdev_open_by_dev()	2024-08-19 06:04:25 +02:00
crypto	fscrypt: Don't use problematic non-inline crypto engines	2025-08-28 16:28:40 +02:00
debugfs
devpts
dlm	dlm: make tcp still work in multi-link env	2025-06-04 14:41:57 +02:00
ecryptfs	fs: Create a generic is_dot_dotdot() utility	2024-10-04 16:29:48 +02:00
efivarfs	efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare	2025-09-04 15:30:26 +02:00
efs
erofs	erofs: fix atomic context detection when !CONFIG_DEBUG_LOCK_ALLOC	2025-09-04 15:30:19 +02:00
exfat	exfat: add cluster chain loop check for dir	2025-08-28 16:28:28 +02:00
exportfs
ext2	ext2: Handle fiemap on empty files to prevent EINVAL	2025-08-28 16:28:15 +02:00
ext4	ext4: preserve SB_I_VERSION on remount	2025-08-28 16:28:44 +02:00
f2fs	f2fs: fix to avoid out-of-boundary access in dnode page	2025-08-28 16:28:36 +02:00
fat	fat: fix uninitialized variable	2024-10-22 15:46:20 +02:00
freevxfs
fscache	netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING	2024-12-09 10:31:45 +01:00
fuse	fuse: fix race between concurrent setattrs from multiple nodes	2025-07-06 11:00:06 +02:00
gfs2	gfs2: Set .migrate_folio in gfs2_{rgrp,meta}_aops	2025-08-28 16:28:15 +02:00
hfs	hfs: fix not erasing deleted b-tree node issue	2025-08-28 16:28:15 +02:00
hfsplus	hfsplus: don't use BUG_ON() in hfsplus_create_attributes_file()	2025-08-28 16:28:14 +02:00
hostfs	um: hostfs: avoid issues on inode number reuse by host	2025-04-10 14:37:34 +02:00
hpfs
hugetlbfs	mm: update memfd seal write check to include F_SEAL_WRITE	2025-08-28 16:28:39 +02:00
iomap	iomap: skip unnecessary ifs_block_is_uptodate check	2025-05-02 07:51:01 +02:00
isofs	isofs: Verify inode mode when loading from disk	2025-07-24 08:53:13 +02:00
jbd2	jbd2: prevent softlockup in jbd2_log_do_checkpoint()	2025-08-28 16:28:36 +02:00
jffs2	jffs2: check jffs2_prealloc_raw_node_refs() result in few other places	2025-06-27 11:08:58 +01:00
jfs	jfs: upper bound check of tree index in dbAllocAG	2025-08-28 16:28:26 +02:00
kernfs	kernfs: Relax constraint in draining guard	2025-06-19 15:28:16 +02:00
lockd	nfsd: stop setting ->pg_stats for unused stats	2024-08-19 06:04:23 +02:00
minix
netfs
nfs	NFS: Fix a race when updating an existing write	2025-09-04 15:30:20 +02:00
nfs_common
nfsd	NFSD: detect mismatch of file handle and delegation stateid in OPEN op	2025-08-28 16:28:11 +02:00
nilfs2	nilfs2: reject invalid file types when reading inodes	2025-08-01 09:47:30 +01:00
nls
notify	fanotify: sanitize handle_type values when reporting fid	2025-08-15 12:08:52 +02:00
ntfs
ntfs3	fs/ntfs3: correctly create symlink for relative path	2025-08-28 16:28:15 +02:00
ocfs2	ocfs2: fix possible memory leak in ocfs2_finish_quota_recovery	2025-06-19 15:28:23 +02:00
omfs
openpromfs	openpromfs: finish conversion to the new mount API	2024-06-12 11:11:30 +02:00
orangefs	fs/orangefs: use snprintf() instead of sprintf()	2025-08-28 16:28:25 +02:00
overlayfs	ovl: Check for NULL d_inode() in ovl_dentry_upper()	2025-07-06 11:00:08 +02:00
proc	proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al	2025-08-15 12:08:54 +02:00
pstore	pstore: Change kmsg_bytes storage size to u32	2025-06-04 14:42:11 +02:00
qnx4
qnx6
quota	quota: flush quota_release_work upon quota writeback	2024-12-09 10:33:01 +01:00
ramfs
reiserfs	reiserfs: fix uninit-value in comp_keys	2024-08-19 06:04:26 +02:00
romfs	fs: Convert to bdev_open_by_dev()	2024-08-19 06:04:25 +02:00
smb	smb3 client: fix return code mapping of remap_file_range	2025-09-04 15:30:28 +02:00
squashfs	squashfs: fix memory leak in squashfs_fill_super	2025-08-28 16:28:43 +02:00
sysfs	fs: sysfs: Fix reference leak in sysfs_break_active_protection()	2024-04-27 17:11:41 +02:00
sysv	sysv: don't call sb_bread() with pointers_lock held	2024-04-13 13:07:34 +02:00
tracefs	tracefs: Add d_delete to remove negative dentries	2025-08-28 16:28:15 +02:00
ubifs	ubifs: skip dumping tnc tree when zroot is null	2025-02-08 09:52:28 +01:00
udf	udf: Verify partition map count	2025-08-28 16:28:15 +02:00
ufs
unicode	Revert "unicode: Don't special case ignorable code points"	2024-12-14 20:00:20 +01:00
vboxsf	vboxsf: fix building with GCC 15	2025-03-22 12:50:41 -07:00
verity	fsverity: use register_sysctl_init() to avoid kmemleak warning	2024-06-16 13:47:33 +02:00
xfs	xfs: do not propagate ENODATA disk errors into xattr code	2025-09-04 15:30:29 +02:00
zonefs
aio.c	fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion	2024-04-03 15:28:44 +02:00
anon_inodes.c	fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass	2025-07-10 16:03:18 +02:00
attr.c
bad_inode.c
binfmt_elf_fdpic.c	fs: binfmt_elf_efpic: don't use missing interpreter's properties	2024-08-29 17:33:33 +02:00
binfmt_elf_test.c
binfmt_elf.c	binfmt_elf: Move brk for static PIE even if ASLR disabled	2025-05-22 14:12:12 +02:00
binfmt_flat.c	binfmt_flat: Fix integer overflow bug on 32 bit systems	2025-02-17 09:40:16 +01:00
binfmt_misc.c	binfmt_misc: cleanup on filesystem umount	2024-08-29 17:33:27 +02:00
binfmt_script.c
buffer.c	fs/buffer: fix use-after-free when call bh_read() helper	2025-08-28 16:28:44 +02:00
char_dev.c
compat_binfmt_elf.c
coredump.c	coredump: hand a pidfd to the usermode coredump helper	2025-06-04 14:42:24 +02:00
d_path.c
dax.c	fsdax: dax_unshare_iter needs to copy entire blocks	2024-11-08 16:28:19 +01:00
dcache.c	fs: better handle deep ancestor chains in is_subdir()	2024-07-25 09:50:54 +02:00
direct-io.c
drop_caches.c
eventfd.c
eventpoll.c	eventpoll: Fix semi-unbounded recursion	2025-08-28 16:28:12 +02:00
exec.c	exec: fix the racy usage of fs_struct->in_exec	2025-04-10 14:37:44 +02:00
fcntl.c	fs: Fix file_set_fowner LSM hook inconsistencies	2024-10-04 16:29:56 +02:00
fhandle.c	fs: Annotate struct file_handle with __counted_by() and use struct_size()	2024-08-19 06:04:28 +02:00
file_table.c	fs: fix proc_handler for sysctl_nr_open	2025-02-08 09:51:42 +01:00
file.c	alloc_fdtable(): change calling conventions.	2025-08-28 16:28:50 +02:00
filesystems.c	fs/filesystems: Fix potential unsigned integer underflow in fs_name()	2025-06-19 15:28:43 +02:00
fs_context.c
fs_parser.c
fs_pin.c
fs_struct.c
fs_types.c
fs-writeback.c	fs/writeback: bail out if there is no more inodes for IO and queued once	2024-06-27 13:49:00 +02:00
fsopen.c
init.c
inode.c	fs/inode: Prevent dump_mapping() accessing invalid dentry.d_name.name	2024-12-09 10:31:41 +01:00
internal.h
ioctl.c
Kconfig	nfs: add missing selections of CONFIG_CRC32	2025-04-25 10:45:46 +02:00
Kconfig.binfmt
kernel_read_file.c
libfs.c	better lockdep annotations for simple_recursive_removal()	2025-08-28 16:28:15 +02:00
locks.c	filelock: Fix fcntl/close race recovery compat path	2024-07-27 11:34:10 +02:00
Makefile
mbcache.c
mnt_idmapping.c
mount.h
mpage.c
namei.c	fuse: don't truncate cached, mutated symlink	2025-03-22 12:50:44 -07:00
namespace.c	use uniform permission checks for all mount propagation changes	2025-08-28 16:28:44 +02:00
nsfs.c
open.c	openat2: explicitly return -E2BIG for (usize > PAGE_SIZE)	2024-11-01 01:58:32 +01:00
pipe.c	fs/pipe: Fix lockdep false-positive in watchqueue pipe_write()	2024-04-10 16:35:57 +02:00
pnode.c
pnode.h
posix_acl.c
proc_namespace.c
read_write.c
readdir.c
remap_range.c
select.c	hrtimer: Use and report correct timerslack values for realtime tasks	2025-03-22 12:50:37 -07:00
seq_file.c
signalfd.c
splice.c	splice: remove duplicate noinline from pipe_clear_nowait	2025-05-02 07:50:45 +02:00
stack.c
stat.c
statfs.c
super.c	fs: Convert to bdev_open_by_dev()	2024-08-19 06:04:25 +02:00
sync.c
sysctls.c
timerfd.c
userfaultfd.c	mm/userfaultfd: fix release hang over concurrent GUP	2025-04-25 10:45:31 +02:00
utimes.c
xattr.c	fs/xattr.c: fix simple_xattr_list()	2025-06-27 11:08:57 +01:00