lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Fri, 6 Dec 2019 08:46:36 +0200
From:   Amir Goldstein <amir73il@...il.com>
To:     syzbot <syzbot+bb1836a212e69f8e201a@...kaller.appspotmail.com>,
        Dmitry Vyukov <dvyukov@...gle.com>
Cc:     linux-kernel <linux-kernel@...r.kernel.org>,
        overlayfs <linux-unionfs@...r.kernel.org>,
        Miklos Szeredi <miklos@...redi.hu>,
        Miklos Szeredi <mszeredi@...hat.com>,
        syzkaller-bugs <syzkaller-bugs@...glegroups.com>
Subject: Re: WARNING in ovl_rename

On Fri, Dec 6, 2019 at 3:54 AM syzbot
<syzbot+bb1836a212e69f8e201a@...kaller.appspotmail.com> wrote:
>
> syzbot suspects this bug was fixed by commit:
>
> commit 146d62e5a5867fbf84490d82455718bfb10fe824
> Author: Amir Goldstein <amir73il@...il.com>
> Date:   Thu Apr 18 14:42:08 2019 +0000
>
>      ovl: detect overlapping layers
>
> bisection log:  https://syzkaller.appspot.com/x/bisect.txt?x=138841dae00000
> start commit:   037904a2 Merge branch 'x86-urgent-for-linus' of git://git...
> git tree:       upstream
> kernel config:  https://syzkaller.appspot.com/x/.config?x=a42d110b47dd6b36
> dashboard link: https://syzkaller.appspot.com/bug?extid=bb1836a212e69f8e201a
> syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=15ba097ca00000
> C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=10be1ceca00000
>
> If the result looks correct, please mark the bug fixed by replying with:
>
> #syz fix: ovl: detect overlapping layers
>

Not exactly. Depends how you define "the bug".

The actual bug wasn't introduced by:
     ovl: fix EIO from lookup of non-indexed upper

Nor was it fixed by:
     ovl: detect overlapping layers

It would be more accurate to say that the former commit exposed the bug
to this specific repro and the latter commit has masked it from this repro.

The actual bug was introduced by:
    804032fabb3b ("ovl: don't check rename to self")

Which did not take into account hardlinking underneath overlayfs.

I posted a fix to relax this WARN_ON(), which is marked for stable 4.9+,
because I see that the repro is also reported on kernel 4.14.y and
"ovl: detect overlapping layers" is not expected to land in 4.14.y.

Thanks,
Amir.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ