lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <51137F76.8070705@ts.fujitsu.com>
Date:	Thu, 07 Feb 2013 11:18:30 +0100
From:	Martin Wilck <martin.wilck@...fujitsu.com>
To:	linux-ext4@...r.kernel.org
Subject: GRUB and the risk of block list corruption in extX

Hello,

you may have seen the following warning that is displayed when
someone tries to install GRUB2 on in a extX partition:

  "/sbin/grub-setup: warn: Embedding is not possible. GRUB can only be
  installed in this setup by using blocklists. However, blocklists are
  UNRELIABLE and their use is discouraged."

Recently I have been involved in discussions about this on
https://bugzilla.redhat.com/show_bug.cgi?id=872826.

The Grub manual says "installing to a filesystem means that GRUB is
vulnerable to its blocks being moved around by filesystem features such
as tail packing, or even by aggressive fsck implementations".

My question to the extX experts: Under what circumstances (except
modifying, overwriting, deleting the bootloader image "core.img" itself)
can a block list referencing "core.img" be corrupted? In particular:

 1) could it happen during ordinary operation, filesystem code silently
   moving blocks around?
 2) could it happen in an e2fsck run?
 3) could it be caused by e4defrag?
 4) could it happen with resize2fs even if the blocks occupied by the
file fit in the size that the FS is resized to (otherwise obviously "yes")?
 5) Anything else?
 6) if the file was protected with the IMMUTABLE flag, would any of 1-5
still be able to corrupt the file?

Regards
Martin

-- 
Dr. Martin Wilck
PRIMERGY System Software Engineer
x86 Server Engineering

FUJITSU
Fujitsu Technology Solutions GmbH
Heinz-Nixdorf-Ring 1
33106 Paderborn, Germany
Phone:			++49 5251 525 2796
Fax:			++49 5251 525 2820
Email:			martin.wilck@...fujitsu.com
Internet:		http://ts.fujitsu.com
Company Details:	http://ts.fujitsu.com/imprint
--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists