lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 6 Dec 2022 08:12:16 +0000
From:   Aditya Garg <gargaditya08@...e.com>
To:     Viacheslav Dubeyko <slava@...eyko.com>
CC:     "willy@...radead.org" <willy@...radead.org>,
        "ira.weiny@...el.com" <ira.weiny@...el.com>,
        "axboe@...nel.dk" <axboe@...nel.dk>,
        "akpm@...ux-foundation.org" <akpm@...ux-foundation.org>,
        "bvanassche@....org" <bvanassche@....org>,
        "keescook@...omium.org" <keescook@...omium.org>,
        "songmuchun@...edance.com" <songmuchun@...edance.com>,
        "torvalds@...ux-foundation.org" <torvalds@...ux-foundation.org>,
        "linux-fsdevel@...r.kernel.org" <linux-fsdevel@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] hfsplus: Fix bug causing custom uid and gid being unable
 to be assigned with mount


> Before this change, logic called i_uid_read(inode) and checked mode.
> Now, we check only HFSPLUS_SB_UID/HFSPLUS_SB_GID flags.
> So, if we mount HFS+ volume by “sudo mount /dev/sda1 /mnt”, then
> HFSPLUS_SB_UID and HFSPLUS_SB_GID flags will be unset.
> And current logic will do nothing. Is it correct logic? Maybe, we need
> to use sbi->uid/gid if flag(s)HFSPLUS_SB_UID/HFSPLUS_SB_GID are set.
> And if not, then to use old logic. Am I correct here? Or am I still missing
> something here?

Well initially I when I tried to investigate what’s wrong, and found that the old logic was the culprit, I did some logging to see what exactly was wrong. The log patch is here btw :- https://github.com/AdityaGarg8/linux/commit/f668fb012f595d83053020b88b9439c295b4dc21

So I saw that the old logic was always false, no matter whether I mounted with uid or not.

I tried to see what makes this true, but couldn't succeed. So, I thought of a simpler approach and changed the logic itself.

To be honest, I dunno what is the old logic for. Maybe instead of completely removing the old logic, I could use an OR?

If you think its more logical, I can make this change :-

-	if (!i_gid_read(inode) && !mode)
+	if ((test_bit(HFSPLUS_SB_UID, &sbi->flags)) || (!i_uid_read(inode) && !mode))

Thanks
Aditya

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ