lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <1153442533.5050.1.camel@aeonflux.holtmann.net>
Date:	Fri, 21 Jul 2006 02:42:13 +0200
From:	Marcel Holtmann <marcel@...tmann.org>
To:	Neil Brown <neilb@...e.de>
Cc:	Jan Kara <jack@...e.cz>, James <20@...ingley.org>,
	linux-kernel@...r.kernel.org, akpm@...l.org, sct@...hat.com
Subject: Re: Bad ext3/nfs DoS bug

Hi Neil,

> > > So what happens next? Is the ext3 maintainer on sabatical,
> > > or am I expected to submit a patch to fix this?
> >   I guess people are mostly busy with OLS and such so maybe they missed
> > the discussion.. Giving CC to relevant people to catch their attention
> > :)
> >   Andrew, Stephen: James has come across a nasty bug (potentially remote
> > DoS). NFS extracts inode number from a filehandle and the inode number
> > eventually ends in ext3_read_inode(). Now if the inode number is bogus,
> > ext3_get_inode_block() calls ext3_error() and filesystem is remounted
> > RO or whatever else is configured. That is quite undesirable in this
> > case.
> >   Now the easy "fix" is to change ext3_error() to ext3_warning() but an
> > attacker flooding your logs with warnings is probably not good either
> > and in case the inode number comes from ext3 itself we should really do
> > ext3_error() as there is some corruption in the fs.
> >   Better fix would be to add a flag to read_inode() saying that the inode
> > number is from untrusted source (but that means changing a prototype of a
> > function every fs uses) and change export_iget() to pass this flag. Yet
> > another solution would be to make ext3 implement its own get_dentry() export
> > function and pass the flag internally...
> >   What do you think is the best solution?
> 
> I think that a good solution (hard to say if it is the best) is to
> remove that error message altogether, and put it where inode numbers
> are read out of directories.  Something like the following patch -
> compile tested only.

I tested your patch and it works for me. So can someone with ext3
knowledge review and then propose it for upstream inclusion.

Regards

Marcel


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ