| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20200715125018.mjj6sj5uibd5s67b@pesu-pes-edu>
Date: Wed, 15 Jul 2020 08:50:18 -0400
From: B K Karthik <bkkarthik@...u.pes.edu>
To: Alexander Viro <viro@...iv.linux.org.uk>,
linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: [PATCH] fs: block_dev.c: fix WARNING in submit_bio_check
duplicating the logic in blkdev_get_by_path to
blkdev_get_by_dev to avoid a user-triggerable WARN
trying to write to a read-only block device.
blkdev_get_by_path() looks at
((mode & FMODE_WRITE) && bdev_read_only(bdev)) to check for write permissions.
A user-triggerable WARN can be avoided by doing the same with bdev_get_by_dev.
Reported-by: syzbot+4c50ac32e5b10e4133e1@...kaller.appspotmail.com
Signed-off-by: B K Karthik <karthik.bk2000@...e.com>
---
fs/block_dev.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/fs/block_dev.c b/fs/block_dev.c
index 64c4fe8181f2..472e3b046406 100644
--- a/fs/block_dev.c
+++ b/fs/block_dev.c
@@ -1796,6 +1796,11 @@ struct block_device *blkdev_get_by_dev(dev_t dev, fmode_t mode, void *holder)
if (err)
return ERR_PTR(err);
+ if ((mode & FMODE_WRITE) && bdev_read_only(bdev)) {
+ blkdev_put(bdev, mode);
+ return ERR_PTR(-EACCES);
+ }
+
return bdev;
}
EXPORT_SYMBOL(blkdev_get_by_dev);
--
2.20.1
Download attachment "signature.asc" of type "application/pgp-signature" (660 bytes)
Powered by blists - more mailing lists