lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20201118110437.36e84496@gandalf.local.home>
Date:   Wed, 18 Nov 2020 11:04:37 -0500
From:   Steven Rostedt <rostedt@...dmis.org>
To:     Masami Hiramatsu <mhiramat@...nel.org>
Cc:     Linus Torvalds <torvalds@...ux-foundation.org>,
        Chen Yu <yu.c.chen@...el.com>,
        Chen Yu <yu.chen.surf@...il.com>,
        LKML <linux-kernel@...r.kernel.org>,
        Ingo Molnar <mingo@...nel.org>,
        Jonathan Corbet <corbet@....net>
Subject: Re: [PATCH v4 2/4] tools/bootconfig: Fix to check the write failure
 correctly

On Thu, 19 Nov 2020 00:35:35 +0900
Masami Hiramatsu <mhiramat@...nel.org> wrote:

> Fix to check the write(2) failure including partial write
> correctly and try to rollback the partial write, because
> if there is no BOOTCONFIG_MAGIC string, we can not remove it.
> 
> Fixes: 85c46b78da58 ("bootconfig: Add bootconfig magic word for indicating bootconfig explicitly")
> Suggested-by: Linus Torvalds <torvalds@...ux-foundation.org>
> Signed-off-by: Masami Hiramatsu <mhiramat@...nel.org>
> Tested-by: Chen Yu <yu.chen.surf@...il.com>
> ---
>  tools/bootconfig/main.c |   27 +++++++++++++++++++++++----
>  1 file changed, 23 insertions(+), 4 deletions(-)
> 
> diff --git a/tools/bootconfig/main.c b/tools/bootconfig/main.c
> index 52eb2bbe8966..905bfaefae35 100644
> --- a/tools/bootconfig/main.c
> +++ b/tools/bootconfig/main.c
> @@ -337,6 +337,7 @@ static int delete_xbc(const char *path)
>  
>  static int apply_xbc(const char *path, const char *xbc_path)
>  {
> +	struct stat stat;
>  	u32 size, csum;
>  	char *buf, *data;
>  	int ret, fd;
> @@ -394,16 +395,26 @@ static int apply_xbc(const char *path, const char *xbc_path)
>  		return ret;
>  	}
>  	/* TODO: Ensure the @path is initramfs/initrd image */
> +	if (fstat(fd, &stat) < 0) {
> +		pr_err("Failed to get the size of %s\n", path);
> +		goto out;
> +	}
>  	ret = write(fd, data, size + 8);
> -	if (ret < 0) {
> +	if (ret < size + 8) {
> +		if (ret < 0)
> +			ret = -errno;
>  		pr_err("Failed to apply a boot config: %d\n", ret);
> -		goto out;
> +		if (ret < 0)
> +			goto out;
> +		goto out_rollback;
>  	}
>  	/* Write a magic word of the bootconfig */
>  	ret = write(fd, BOOTCONFIG_MAGIC, BOOTCONFIG_MAGIC_LEN);
> -	if (ret < 0) {
> +	if (ret < BOOTCONFIG_MAGIC_LEN) {
> +		if (ret < 0)
> +			ret = -errno;
>  		pr_err("Failed to apply a boot config magic: %d\n", ret);
> -		goto out;
> +		goto out_rollback;
>  	}
>  	ret = 0;
>  out:
> @@ -411,6 +422,14 @@ static int apply_xbc(const char *path, const char *xbc_path)
>  	free(data);
>  
>  	return ret;
> +
> +out_rollback:
> +	if (ftruncate(fd, stat.st_size) < 0) {

If the first write fails (doesn't modify the initrd), and then this fails,
you will show a message of: "may be corrupted. Recommend to rebuild", when
that would not be the case. Should a test of the size be done again, to see
if it is already the same?

out_rollback:
	old_size = stat.st_size;
	if (stat(fd, &stat) < 0) /* Shouldn't happen, it worked once before */
		goto print_error;

	if (old_size < stat.st_size)
		if (ftruncate(fd, old_size) < 0)
			goto print_error;

	goto out;

print_error:

> +		ret = -errno;
> +		pr_err("Failed to rollback the write error: %d\n", ret);
> +		pr_err("The initrd %s may be corrupted. Recommend to rebuild.\n", path);
> +	}
> +	goto out;
>  }
>  
>  static int usage(void)

-- Steve

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ