lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 11 May 2018 16:04:51 +0200 From: David Sterba <dsterba@...e.cz> To: "Luis R. Rodriguez" <mcgrof@...nel.org> Cc: viro@...iv.linux.org.uk, darrick.wong@...cle.com, tytso@....edu, adilger.kernel@...ger.ca, clm@...com, jbacik@...com, dsterba@...e.com, sandeen@...deen.net, dhowells@...hat.com, fliu@...e.com, jack@...e.cz, jeffm@...e.com, nborisov@...e.com, jake.norris@...e.com, mtk.manpages@...il.com, linux-api@...r.kernel.org, linux-fsdevel@...r.kernel.org, linux-xfs@...r.kernel.org, linux-ext4@...r.kernel.org, linux-btrfs@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [RFC v2 4/4] btrfs: verify symlinks with append/immutable flags On Thu, May 10, 2018 at 04:13:59PM -0700, Luis R. Rodriguez wrote: > The Linux VFS does not allow a way to set append/immuttable ^^^^^^^^^^ Typo, in all 3 patches. > attributes to symlinks, this is just not possible. If this is > detected inform the user as the filesystem must be corrupted. > > Signed-off-by: Luis R. Rodriguez <mcgrof@...nel.org> > --- > fs/btrfs/inode.c | 9 +++++++++ > 1 file changed, 9 insertions(+) > > diff --git a/fs/btrfs/inode.c b/fs/btrfs/inode.c > index c4bdb597b323..d9c786be408c 100644 > --- a/fs/btrfs/inode.c > +++ b/fs/btrfs/inode.c > @@ -3933,6 +3933,15 @@ static int btrfs_read_locked_inode(struct inode *inode) > inode->i_op = &btrfs_dir_inode_operations; > break; > case S_IFLNK: > + /* VFS does not allow setting these so must be corruption */ > + if (IS_APPEND(inode) || IS_IMMUTABLE(inode)) { > + ret = -EUCLEAN; > + btrfs_crit(fs_info, > + "corrupt symlink with append/immutable ino=%llu root=%llu\n", no "\n" and please un-indent the string so it fits 80 columns. > + btrfs_ino(BTRFS_I(inode)), > + root->root_key.objectid); > + goto make_bad; I found some error handling issues, before the switch, there's btrfs_free_path and there's one more at the make_bad label. To fix that, please set path = NULL after the first btrfs_free_path, it can handle a NULL when it's called again. Next thing I'm not sure about are the ACLs that get initialized in some cases. There's cache_no_acl() that only resets the inode::i_acl and inode::i_default_acl, so I think this should be called too. Thanks.
Powered by blists - more mailing lists