lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CADrjBPotAaBMpPjaVZ_aXQMt-RF6wiYpeYZT=5dZS_E=vGv2eg@mail.gmail.com>
Date:   Mon, 14 Nov 2022 14:38:15 +0000
From:   Peter Griffin <peter.griffin@...aro.org>
To:     Alexander Viro <viro@...iv.linux.org.uk>
Cc:     Miklos Szeredi <mszeredi@...hat.com>, stable@...r.kernel.org,
        linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
        Will McVicker <willmcvicker@...gle.com>,
        Peter Griffin <gpeter@...gle.com>
Subject: Re: [PATCH] vfs: vfs_tmpfile: ensure O_EXCL flag is enforced

Hi Alexander,

On Thu, 3 Nov 2022 at 19:12, Miklos Szeredi <miklos@...redi.hu> wrote:
>
> On Thu, 3 Nov 2022 at 18:04, Peter Griffin <peter.griffin@...aro.org> wrote:
> >
> > If O_EXCL is *not* specified, then linkat() can be
> > used to link the temporary file into the filesystem.
> > If O_EXCL is specified then linkat() should fail (-1).
> >
> > After commit 863f144f12ad ("vfs: open inside ->tmpfile()")
> > the O_EXCL flag is no longer honored by the vfs layer for
> > tmpfile, which means the file can be linked even if O_EXCL
> > flag is specified, which is a change in behaviour for
> > userspace!
> >
> > The open flags was previously passed as a parameter, so it
> > was uneffected by the changes to file->f_flags caused by
> > finish_open(). This patch fixes the issue by storing
> > file->f_flags in a local variable so the O_EXCL test
> > logic is restored.
> >
> > This regression was detected by Android CTS Bionic fcntl()
> > tests running on android-mainline [1].
> >
> > [1] https://android.googlesource.com/platform/bionic/+/
> >     refs/heads/master/tests/fcntl_test.cpp#352
>
> Looks good.
>
> Acked-by: Miklos Szeredi <mszeredi@...hat.com>

As this patch now has an Acked-by the original author of the
commit that reworked the tmpfile vfs logic and introduced the
regression. Can you pick up this commit and send it onto Linus
for inclusion into the next v6.1-rc release?

Note, it fixes a regression for userspace introduced in this merge
window so I was hoping to get the fix into the next -rc so that the
v6.1 release does not contain this bug.

Many thanks,

Peter

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ