From f591f6fae3d8b8d44140ca64e53bad840aeeeba0 Mon Sep 17 00:00:00 2001 From: Mark Vitale Date: Mon, 7 Nov 2016 14:16:50 -0500 Subject: [PATCH] dir: do not leak contents of deleted directory entries Deleting an AFS directory entry (afs_dir_Delete) merely removes the entry logically by updating the allocation map and hash table. However, the entry itself remains on disk - that is, both the cache manager's cache partition and the fileserver's vice partitions. This constitutes a leak of directory entry information, including the object's name and MKfid (vnode and uniqueid). This leaked information is also visible on the wire during FetchData requests and volume operations. Modify afs_dir_Delete to clear the contents of deleted directory entries. Patchset notes: This commit only prevents leaks for newly deleted entries. Another commit in this patchset prevents leaks of partial object names upon reuse of pre-existing deleted entries. A third commit in this patchset prevents yet another kind of directory entry leak, when internal buffers are reused to create or enlarge existing directories. All three patches are required to prevent new leaks. Two additional salvager patches are also included to assist administrators in the cleanup of pre-existing leaks. [kaduk@mit.edu: style nit for sizeof() argument] Change-Id: Iabaafeed09a2eb648107b7068eb3dbf767aa2fe9 Reviewed-on: https://gerrit.openafs.org/12460 Reviewed-by: Mark Vitale Tested-by: Mark Vitale Reviewed-by: Michael Meffie Reviewed-by: Benjamin Kaduk --- src/dir/dir.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/dir/dir.c b/src/dir/dir.c index f930adced..6db96b242 100644 --- a/src/dir/dir.c +++ b/src/dir/dir.c @@ -191,7 +191,9 @@ afs_dir_Delete(dir_file_t dir, char *entry) DRelease(&prevbuf, 1); index = DVOffset(&entrybuf) / 32; nitems = afs_dir_NameBlobs(firstitem->name); - DRelease(&entrybuf, 0); + /* Clear entire DirEntry and any DirXEntry extensions */ + memset(firstitem, 0, nitems * sizeof(*firstitem)); + DRelease(&entrybuf, 1); FreeBlobs(dir, index, nitems); return 0; } -- 2.39.5