lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <20180628135909.6498-1-lczerner@redhat.com>
Date:   Thu, 28 Jun 2018 15:59:09 +0200
From:   Lukas Czerner <lczerner@...hat.com>
To:     linux-ext4@...r.kernel.org
Cc:     Lukas Czerner <lczerner@...hat.com>
Subject: [PATCH] e2fsck: do not allow initialized blocks pass i_size

We do not allow initialized blocks to exist past i_size as this could
lead to stale data exposure.

Remove test f_pgsize_gt_blksize because it is testing for the scenario
that not allowed. f_eofblocks is already testing for this.

Signed-off-by: Lukas Czerner <lczerner@...hat.com>
---
 e2fsck/pass1.c                     | 12 ++----------
 tests/f_eofblocks/expect.1         |  2 ++
 tests/f_pgsize_gt_blksize/expect.1 |  7 -------
 tests/f_pgsize_gt_blksize/expect.2 |  7 -------
 tests/f_pgsize_gt_blksize/name     |  1 -
 tests/f_pgsize_gt_blksize/script   | 18 ------------------
 6 files changed, 4 insertions(+), 43 deletions(-)
 delete mode 100644 tests/f_pgsize_gt_blksize/expect.1
 delete mode 100644 tests/f_pgsize_gt_blksize/expect.2
 delete mode 100644 tests/f_pgsize_gt_blksize/name
 delete mode 100644 tests/f_pgsize_gt_blksize/script

diff --git a/e2fsck/pass1.c b/e2fsck/pass1.c
index f1fa5d94..461f5fb6 100644
--- a/e2fsck/pass1.c
+++ b/e2fsck/pass1.c
@@ -3448,16 +3448,8 @@ static void check_blocks(e2fsck_t ctx, struct problem_context *pctx,
 
 		size = EXT2_I_SIZE(inode);
 		if ((pb.last_init_lblock >= 0) &&
-		    /* if size is smaller than expected by the block count,
-		     * allow allocated blocks to end of PAGE_SIZE.
-		     * last_init_lblock is the last in-use block, so it is
-		     * the minimum expected file size, but +1 because it is
-		     * the base-zero block number and not the block count. */
-		    (size < (__u64)pb.last_init_lblock * fs->blocksize) &&
-		    ((pb.last_init_lblock + 1) / blkpg * blkpg !=
-		     (pb.last_init_lblock + 1) ||
-		     size < (__u64)(pb.last_init_lblock & ~(blkpg - 1)) *
-		     fs->blocksize))
+		    /* Do not allow initialized allocated blocks past i_size*/
+		    (size < (__u64)pb.last_init_lblock * fs->blocksize))
 			bad_size = 3;
 		else if (!(extent_fs && (inode->i_flags & EXT4_EXTENTS_FL)) &&
 			 size > ext2_max_sizes[fs->super->s_log_block_size])
diff --git a/tests/f_eofblocks/expect.1 b/tests/f_eofblocks/expect.1
index 34222480..f224b7da 100644
--- a/tests/f_eofblocks/expect.1
+++ b/tests/f_eofblocks/expect.1
@@ -1,4 +1,6 @@
 Pass 1: Checking inodes, blocks, and sizes
+Inode 30, i_size is 2048, should be 4096.  Fix? yes
+
 Inode 31, i_size is 2048, should be 6144.  Fix? yes
 
 Pass 2: Checking directory structure
diff --git a/tests/f_pgsize_gt_blksize/expect.1 b/tests/f_pgsize_gt_blksize/expect.1
deleted file mode 100644
index c00f5db5..00000000
--- a/tests/f_pgsize_gt_blksize/expect.1
+++ /dev/null
@@ -1,7 +0,0 @@
-Pass 1: Checking inodes, blocks, and sizes
-Pass 2: Checking directory structure
-Pass 3: Checking directory connectivity
-Pass 4: Checking reference counts
-Pass 5: Checking group summary information
-test_filesys: 12/32 files (0.0% non-contiguous), 40/100 blocks
-Exit status is 0
diff --git a/tests/f_pgsize_gt_blksize/expect.2 b/tests/f_pgsize_gt_blksize/expect.2
deleted file mode 100644
index c00f5db5..00000000
--- a/tests/f_pgsize_gt_blksize/expect.2
+++ /dev/null
@@ -1,7 +0,0 @@
-Pass 1: Checking inodes, blocks, and sizes
-Pass 2: Checking directory structure
-Pass 3: Checking directory connectivity
-Pass 4: Checking reference counts
-Pass 5: Checking group summary information
-test_filesys: 12/32 files (0.0% non-contiguous), 40/100 blocks
-Exit status is 0
diff --git a/tests/f_pgsize_gt_blksize/name b/tests/f_pgsize_gt_blksize/name
deleted file mode 100644
index 3aa02027..00000000
--- a/tests/f_pgsize_gt_blksize/name
+++ /dev/null
@@ -1 +0,0 @@
-PAGE_SIZE larger than blocksize with hole at end
diff --git a/tests/f_pgsize_gt_blksize/script b/tests/f_pgsize_gt_blksize/script
deleted file mode 100644
index 422b83ae..00000000
--- a/tests/f_pgsize_gt_blksize/script
+++ /dev/null
@@ -1,18 +0,0 @@
-SKIP_GUNZIP="true"
-
-touch $TMPFILE
-$MKE2FS -N 32 -F -o Linux -b 1024 $TMPFILE 100 > /dev/null 2>&1
-
-DATA_FILE=$(mktemp ${TMPDIR:-/tmp}/e2fsprogs-zerodata.XXXXXX)
-dd if=$TEST_BITS of=$DATA_FILE bs=1k count=16 > /dev/null 2>&1
-$DEBUGFS -w $TMPFILE << EOF > /dev/null 2>&1
-write $DATA_FILE foo
-set_inode_field foo size 13000
-q
-EOF
-
-. $cmd_dir/run_e2fsck
-
-rm -f $DATA_FILE
-
-unset DATA_FILE
-- 
2.17.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ