| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 31 Mar 2022 11:49:08 +0800 From: Liu Shixin <liushixin2@...wei.com> To: Christoph Hellwig <hch@...radead.org> CC: <linux-kernel@...r.kernel.org> Subject: Re: [PATCH -next] fs: sysv: check sbi->s_firstdatazone in complete_read_super The type I used is sysv v7. I discovered this problem through a syzkaller use case. The use case first create a file via memfd and bind it to loop0. Then mount it to a folder with type v7. No error is reported for preceding operations. Finally when create a file, the warning in inc_nlink is triggered. I want to look the filesystem information, so I execute 'df' command and find this problem. Btw, I think the warning may be a follow-up problem caused by the filesystem being created or mounted incorrectly. Thanks, On 2022/3/30 23:42, Christoph Hellwig wrote: > On Wed, Mar 30, 2022 at 06:42:15PM +0800, Liu Shixin wrote: >> sbi->s_firstinodezone is initialized to 2 and sbi->s_firstdatazone is read >> from sbd. There's no guarantee that sbi->s_firstdatazone must bigger than >> sbi->s_firstinodezone. If sbi->s_firstdatazone less than 2, the filesystem >> can still be mounted unexpetly. At this point, sbi->s_ninodes flip to very >> large value and this filesystem is broken. We can observe this by >> executing 'df' command. When we execute, we will get an error message: >> "sysv_count_free_inodes: unable to read inode table" > This looks fine. Just curious: which variant of the sysv fs do you > use and what is the use case? > . >
Powered by blists - more mailing lists