diff options
author | Jakob Unterwurzacher | 2020-10-18 21:05:44 +0200 |
---|---|---|
committer | Jakob Unterwurzacher | 2020-10-18 21:07:30 +0200 |
commit | 6697ffd6e213828ff4cd873cd1d104877096a230 (patch) | |
tree | f256f0b720d0472b37c0af08806786d2232e8806 /internal/fusefrontend/node_xattr.go | |
parent | c943ed32aaf94a4e60d96c7a513180d29b15a40a (diff) |
fusefronted: reject GETXATTR "security.capability"
Unless we are mounted with -suid, we can reject
these requests, and gain back some lost speed.
Closes https://github.com/rfjakob/gocryptfs/issues/515
Diffstat (limited to 'internal/fusefrontend/node_xattr.go')
-rw-r--r-- | internal/fusefrontend/node_xattr.go | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/internal/fusefrontend/node_xattr.go b/internal/fusefrontend/node_xattr.go index de40915..cbc5804 100644 --- a/internal/fusefrontend/node_xattr.go +++ b/internal/fusefrontend/node_xattr.go @@ -18,11 +18,24 @@ var xattrNameIV = []byte("xattr_name_iv_xx") // encrypted original name. var xattrStorePrefix = "user.gocryptfs." +// We get one read of this xattr for each write - +// see https://github.com/rfjakob/gocryptfs/issues/515 for details. +var xattrCapability = "security.capability" + // GetXAttr - FUSE call. Reads the value of extended attribute "attr". // // This function is symlink-safe through Fgetxattr. func (n *Node) Getxattr(ctx context.Context, attr string, dest []byte) (uint32, syscall.Errno) { rn := n.rootNode() + // If we are not mounted with -suid, reading the capability xattr does not + // make a lot of sense, so reject the request and gain a massive speedup. + // See https://github.com/rfjakob/gocryptfs/issues/515 . + if !rn.args.Suid && attr == xattrCapability { + // Returning EOPNOTSUPP is what we did till + // ca9e912a28b901387e1dbb85f6c531119f2d5ef2 "fusefrontend: drop xattr user namespace restriction" + // and it did not cause trouble. Seems cleaner than saying ENODATA. + return 0, syscall.EOPNOTSUPP + } cAttr := rn.encryptXattrName(attr) cData, errno := n.getXAttr(cAttr) if errno != 0 { |