lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Wed, 2 Nov 2022 14:55:05 -0600
From:   Andreas Dilger <>
To:     Eric Biggers <>
Subject: Re: [e2fsprogs PATCH] e2fsck: don't allow journal inode to have
 encrypt flag

On Nov 1, 2022, at 11:35 PM, Eric Biggers <> wrote:
> From: Eric Biggers <>
> Since the kernel is being fixed to consider journal inodes with the
> 'encrypt' flag set to be invalid, also update e2fsck accordingly.
> Signed-off-by: Eric Biggers <>
> ---
> e2fsck/journal.c                   |   3 ++-
> tests/f_badjour_encrypted/expect.1 |  30 +++++++++++++++++++++++++++++
> tests/f_badjour_encrypted/expect.2 |   7 +++++++
> tests/f_badjour_encrypted/image.gz | Bin 0 -> 2637 bytes

Good to have a test case for this.

In the past Ted has asked that new test cases are generated via mke2fs
and debugfs in "f_XXX/script" file rather than a binary image, if possible.
That avoids saving a binary blob in Git, and also makes it much more
clear in the future what is done to the filesystem to corrupt it, rather
than having to reverse engineer this from the bits on disk.

Something like tests/f_dup4/script is a good example of this.  You may
be able to use something as simple as the following:

    touch $TMPFILE
    $MKE2FS -t ext4 -b 1024 -J size=4 ... $TMPFILE 16384
    $DEBUGFS -w -R 'set_inode_field <8> flags 0x800' $TMPFILE
    . $cmd_dir/run_e2fsck

It might be more involved, depending on how the journal was corrupted.
For complex debugfs changes, it is better to use a "here" document to
perform multiple commands than running debugfs multiple times.

The script is also much more compact than the binary image, and tolerates
changes a lot better as well.

Cheers, Andreas

> diff --git a/tests/f_badjour_encrypted/image.gz b/tests/f_badjour_encrypted/image.gz
> new file mode 100644
> index 0000000000000000000000000000000000000000..660496ea5bba9b5589e6ce522feb998a56ab946a
> GIT binary patch
> literal 2637
> zcmb2|=3oE;CgwMHnR%A}ly$iH+hCjen-$w~Z}VkIC+6NxyCc!NYR5sNh}+xBbE4nR
> zN&o!s6aW5(lcp<{UH`qxzUS4ptP5pfA==wwf8L3{|MOkc?r&esd8Bgo#^iqA5gFQC
> z<@R-dVr@...HkR5{rAnDhwlG>jraZU^QHBbXJlmsKi|6fW!ukpZ~6bfSpUB2;pTmx
> zj{M*I=+61|wWkw4%t_n+w)pIx)GIr3+pcz<UH*C1)vHaf+5&5L-JN;=TiBLGj=QD!
> zvwYR3oA+2BEcm`&zU2O)tkADJdjH<PwxLjZ&!1oZHNUt0v)ga`;{kvAnl~H3enld#
> z$+@...c~a}A54fin`clHvi0Skf*&i~udaD@=i-@...orPp11i^EC2t^@...&nP$X3
> zzi$!s_i3c{*ZQX!$^Q>{-utf_{{O+ORnhK@!q@)4KVSKq`3wIq_AmS|<S*DSsCW3^
> z@...?^DlP4J^%iH{<8evDyi)kD?Tqg`0VhxvhA|(9o0n`65ek4mi5+?8xj$4$636y
> z`F^c@...vQi=WK?|9-~qcRR0El+UlfvVnKm_Je1l*?MoM1?axIu;=xksEaRLt^f1+
> zcI>}%!KM17_pFRy`>QV2pCx6B<9`)>o$;~a`cLx=*Y;<@Z|{cwUm;riQQi9d{>A@(
> z&c6T7uKx1sm(kDuuPD6Dvs!ev|MSq*t68t|F8)>W`}uD3t6l#pUM)HIKYZ_&&TqRj
> zWsCn;=6#)UcWr%}?)}rh(#y8)a4!C~Kik#*_w$dx|Fgp#PX@#7>W*1KzH66-US2JE
> z^-NZn>F!y<XV*Rp{k)o$kqqNTwTy<qXb9jBf%d~z-yS%C)HqDo|5YJ89>4NY+0hUf
> k4S}H$0uFBvZUnjWfI|K2%r`6YXzOOCSzdj93=9ek0BUk;ZvX%Q

Cheers, Andreas

Download attachment "signature.asc" of type "application/pgp-signature" (874 bytes)

Powered by blists - more mailing lists