lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20250926212451.GB118657@mit.edu>
Date: Fri, 26 Sep 2025 17:24:51 -0400
From: "Theodore Ts'o" <tytso@....edu>
To: Andreas Dilger <adilger@...ger.ca>
Cc: Deepanshu Kartikey <kartikey406@...il.com>,
        linux-ext4 <linux-ext4@...r.kernel.org>
Subject: Re: [PATCH v2] ext4: validate ea_ino and size in check_xattrs

On Fri, Sep 26, 2025 at 01:47:14PM -0600, Andreas Dilger wrote:
> 
> *NOTE* I haven't tested whether e2fsck already handles this scenario
> correctly, but it is definitely worthwhile to test this with your
> reproducer image to see if e2fsck already fixes the issue. If that is
> already the case, then there is nothing more to be done.

It doesn't.  But see the patch that I sent to fix this.

> If e2fsck does *not* repair this error, then the right workflow is to
> make a *minimal* filesystem image with this corruption and use it for
> a new test case.

I aready sent a patch on this thread, and it includes a minimal file
sytem image.  Unfortunately, we don't have easy way to create
corrupted extended attributre entries using the debugfs tool.  This is
why I decided to just create the patch and test case, instead of
asking Deepanshu to try to create it, since creating the test case
requires using a hex editor and understanding of the extended
attribute layout.  One of these days we really should add the ability
to easily edit extended attribute blocks to corrupt them, but to date
it's been easier for me to just use emacs hexl-mode to edit the image.

The good news is that there are tools to examine extended attributes.
For example:

% debugfs /tmp/f_ea_zero_size.img
debugfs 1.47.3-rc2 (12-Jun-2025)
debugfs:  stat lustre
Inode: 12   Type: regular    Mode:  0644   Flags: 0x80000
Generation: 1631366467    Version: 0x00000000:00000001
User:     0   Group:     0   Project:     0   Size: 0
File ACL: 13
Links: 1   Blockcount: 8
Fragment:  Address: 0    Number: 0    Size: 0
 ctime: 0x594f621c:5143fea0 -- Sun Jun 25 03:11:24 2017
 atime: 0x594f621c:396c7aa4 -- Sun Jun 25 03:11:24 2017
 mtime: 0x594f621c:396c7aa4 -- Sun Jun 25 03:11:24 2017
crtime: 0x594f621c:396c7aa4 -- Sun Jun 25 03:11:24 2017
Size of extra inode fields: 32
EXTENTS:
debugfs:  block_dump -x 13
magic = ea020000, length = 4096
refcount = 1, blocks = 1
hash = 767a7676, checksum = 00000000
reserved: 00000000 00000000 00000000

offset = 32 (0040), hash = 3109, name_len = 2, name_index = 1
value_offset = 0 (0000), value_inum = 14, value_size = 0
name = be

offset = 52 (0064), hash = 2053076598, name_len = 2, name_index = 1
value_offset = 3996 (7634), value_inum = 0, value_size = 100
name = bi
value = vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv

last entry found at offset 72 (0110)

There are also debugfs commands "ea_get, ea_set, and ea_list", which
is good for edit valid extended attribute blocks.  So what I tend to
do is to use these tools to create a valid extended attribute block
--- and then I'll corrupt it using emacs hexl-mode.

    	     	  	     	   	 - Ted

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ