lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Wed, 04 Aug 2021 00:54:09 -0400
From:   Gabriel Krisman Bertazi <krisman@...labora.com>
To:     Amir Goldstein <amir73il@...il.com>
Cc:     LTP List <ltp@...ts.linux.it>, Jan Kara <jack@...e.com>,
        Ext4 <linux-ext4@...r.kernel.org>,
        Khazhismel Kumykov <khazhy@...gle.com>, kernel@...labora.com
Subject: Re: [PATCH 3/7] syscalls/fanotify20: Validate incoming FID in
 FAN_FS_ERROR

Amir Goldstein <amir73il@...il.com> writes:

> On Tue, Aug 3, 2021 at 12:47 AM Gabriel Krisman Bertazi
> <krisman@...labora.com> wrote:
>>
>> Verify the FID provided in the event.  If the testcase has a null inode,
>> this is assumed to be a superblock error (i.e. null FH).
>>
>> Signed-off-by: Gabriel Krisman Bertazi <krisman@...labora.com>
>> ---
>>  .../kernel/syscalls/fanotify/fanotify20.c     | 51 +++++++++++++++++++
>>  1 file changed, 51 insertions(+)
>>
>> diff --git a/testcases/kernel/syscalls/fanotify/fanotify20.c b/testcases/kernel/syscalls/fanotify/fanotify20.c
>> index fd5cfb8744f1..d8d788ae685f 100644
>> --- a/testcases/kernel/syscalls/fanotify/fanotify20.c
>> +++ b/testcases/kernel/syscalls/fanotify/fanotify20.c
>> @@ -40,6 +40,14 @@
>>
>>  #define FAN_EVENT_INFO_TYPE_ERROR      4
>>
>> +#ifndef FILEID_INVALID
>> +#define        FILEID_INVALID          0xff
>> +#endif
>> +
>> +#ifndef FILEID_INO32_GEN
>> +#define FILEID_INO32_GEN       1
>> +#endif
>> +
>>  struct fanotify_event_info_error {
>>         struct fanotify_event_info_header hdr;
>>         __s32 error;
>> @@ -57,6 +65,9 @@ static const struct test_case {
>>         char *name;
>>         int error;
>>         unsigned int error_count;
>> +
>> +       /* inode can be null for superblock errors */
>> +       unsigned int *inode;
>
> Any reason not to use fanotify_fid_t * like fanotify16.c?

No reason other than I didn't notice they existed. Sorry. I will get
this fixed.

-- 
Gabriel Krisman Bertazi

Powered by blists - more mailing lists