lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Fri, 11 May 2018 16:04:51 +0200
From:   David Sterba <dsterba@...e.cz>
To:     "Luis R. Rodriguez" <mcgrof@...nel.org>
Cc:     viro@...iv.linux.org.uk, darrick.wong@...cle.com, tytso@....edu,
        adilger.kernel@...ger.ca, clm@...com, jbacik@...com,
        dsterba@...e.com, sandeen@...deen.net, dhowells@...hat.com,
        fliu@...e.com, jack@...e.cz, jeffm@...e.com, nborisov@...e.com,
        jake.norris@...e.com, mtk.manpages@...il.com,
        linux-api@...r.kernel.org, linux-fsdevel@...r.kernel.org,
        linux-xfs@...r.kernel.org, linux-ext4@...r.kernel.org,
        linux-btrfs@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [RFC v2 4/4] btrfs: verify symlinks with append/immutable flags

On Thu, May 10, 2018 at 04:13:59PM -0700, Luis R. Rodriguez wrote:
> The Linux VFS does not allow a way to set append/immuttable
                                                   ^^^^^^^^^^

Typo, in all 3 patches.

> attributes to symlinks, this is just not possible. If this is
> detected inform the user as the filesystem must be corrupted.
> 
> Signed-off-by: Luis R. Rodriguez <mcgrof@...nel.org>
> ---
>  fs/btrfs/inode.c | 9 +++++++++
>  1 file changed, 9 insertions(+)
> 
> diff --git a/fs/btrfs/inode.c b/fs/btrfs/inode.c
> index c4bdb597b323..d9c786be408c 100644
> --- a/fs/btrfs/inode.c
> +++ b/fs/btrfs/inode.c
> @@ -3933,6 +3933,15 @@ static int btrfs_read_locked_inode(struct inode *inode)
>  		inode->i_op = &btrfs_dir_inode_operations;
>  		break;
>  	case S_IFLNK:
> +		/* VFS does not allow setting these so must be corruption */
> +		if (IS_APPEND(inode) || IS_IMMUTABLE(inode)) {
> +			ret = -EUCLEAN;
> +			btrfs_crit(fs_info,
> +				  "corrupt symlink with append/immutable ino=%llu root=%llu\n",

no "\n" and please un-indent the string so it fits 80 columns.

> +				  btrfs_ino(BTRFS_I(inode)),
> +				  root->root_key.objectid);
> +			goto make_bad;

I found some error handling issues, before the switch, there's
btrfs_free_path and there's one more at the make_bad label.

To fix that, please set path = NULL after the first btrfs_free_path, it
can handle a NULL when it's called again.

Next thing I'm not sure about are the ACLs that get initialized in some
cases. There's cache_no_acl() that only resets the inode::i_acl and
inode::i_default_acl, so I think this should be called too. Thanks.

Powered by blists - more mailing lists