lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Wed,  3 Aug 2022 11:34:31 +0900
From:   Jaewook Kim <jw5454.kim@...sung.com>
To:     jaegeuk@...nel.org, chao@...nel.org
Cc:     linux-f2fs-devel@...ts.sourceforge.net,
        linux-kernel@...r.kernel.org, sj1557.seo@...sung.com,
        junbeom.yeom@...sung.com, youngjin.gil@...sung.com,
        Jaewook Kim <jw5454.kim@...sung.com>
Subject: [PATCH] f2fs: do not allow to decompress files have
 FI_COMPRESS_RELEASED

If a file has FI_COMPRESS_RELEASED, all writes for it should not be
allowed. However, as of now, in case of compress_mode=user, writes
triggered by IOCTLs like F2FS_IOC_DE/COMPRESS_FILE are allowed unexpectly,
which could crash that file.
To fix it, let's do not allow F2FS_IOC_DE/COMPRESS_IOCTL if a file already
has FI_COMPRESS_RELEASED flag.

This is the reproduction process:
1. $ chattr +c ./file
2. $ dd if=/dev/zero of=./file bs=4096 count=2000 oflag=append conv=notrunc
3. $ sync
4. $ do_compress ./file      ; call F2FS_IOC_COMPRESS_FILE
5. $ get_compr_blocks ./file ; call F2FS_IOC_GET_COMPRESS_BLOCKS
6. $ do_compress ./file      ; call F2FS_IOC_COMPRESS_FILE again
7. $ get_compr_blocks ./file ; call F2FS_IOC_GET_COMPRESS_BLOCKS again

You can find compr_blocks has a negative value.

Fixes: 5fdb322ff2c2b ("f2fs: add F2FS_IOC_DECOMPRESS_FILE and F2FS_IOC_COMPRESS_FILE")

Signed-off-by: Junbeom Yeom <junbeom.yeom@...sung.com>
Signed-off-by: Sungjong Seo <sj1557.seo@...sung.com>
Signed-off-by: Youngjin Gil <youngjin.gil@...sung.com>
Signed-off-by: Jaewook Kim <jw5454.kim@...sung.com>
---
 fs/f2fs/file.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/fs/f2fs/file.c b/fs/f2fs/file.c
index 6b1b030830ca..a4713b7e12cb 100644
--- a/fs/f2fs/file.c
+++ b/fs/f2fs/file.c
@@ -3945,6 +3945,11 @@ static int f2fs_ioc_decompress_file(struct file *filp, unsigned long arg)
 		goto out;
 	}
 
+	if (is_inode_flag_set(inode, FI_COMPRESS_RELEASED)) {
+		ret = -EINVAL;
+		goto out;
+	}
+
 	ret = filemap_write_and_wait_range(inode->i_mapping, 0, LLONG_MAX);
 	if (ret)
 		goto out;
@@ -4012,6 +4017,11 @@ static int f2fs_ioc_compress_file(struct file *filp, unsigned long arg)
 		goto out;
 	}
 
+	if (is_inode_flag_set(inode, FI_COMPRESS_RELEASED)) {
+		ret = -EINVAL;
+		goto out;
+	}
+
 	ret = filemap_write_and_wait_range(inode->i_mapping, 0, LLONG_MAX);
 	if (ret)
 		goto out;
-- 
2.17.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ