lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <Y5X7RBznTD6rPfro@casper.infradead.org>
Date:   Sun, 11 Dec 2022 15:46:12 +0000
From:   Matthew Wilcox <willy@...radead.org>
To:     Hillf Danton <hdanton@...a.com>
Cc:     Al Viro <viro@...iv.linux.org.uk>,
        syzbot <syzbot+919c5a9be8433b8bf201@...kaller.appspotmail.com>,
        linux-kernel@...r.kernel.org, linux-mm@...ck.org,
        syzkaller-bugs@...glegroups.com
Subject: Re: [syzbot] WARNING in do_mkdirat

On Sun, Dec 11, 2022 at 06:22:08PM +0800, Hillf Danton wrote:
> On 11 Dec 2022 08:39:18 +0000 Al Viro <viro@...iv.linux.org.uk>
> > On Sun, Dec 11, 2022 at 03:56:12PM +0800, Hillf Danton wrote:
> > > On 11 Dec 2022 02:52:57 +0000 Al Viro <viro@...iv.linux.org.uk>
> > > > On Sat, Dec 10, 2022 at 06:30:22PM -0800, syzbot wrote:
> > > > > Hello,
> > > > > 
> > > > > syzbot has tested the proposed patch but the reproducer is still triggering an issue:
> > > > > WARNING in done_path_create
> > > > 
> > > > How many times does it need to be repeated that ANY BUG REPORTS INVOLVING NTFS3 IN
> > > > REPRODUCER NEED TO BE CCED TO MAINTAINERS OF NTFS3?
> > > > 
> > > > I'm done with any syzbot output.  From now on it's getting triaged
> > > > straight to /dev/null here.
> > > 
> > > Calm downnnnnn Sir even if this is not the east ender style.
> > > 
> > > Frankly no interest here at all wasting any network bandwidth just to get you
> > > interrupted if it would take less than 72 hours to discover one of the beatles
> > > you created. And actually more than double check is needed to ensure who
> > > did that.
> > 
> > 	The first iterations of the same suggestion had been a lot calmer...
> > One of the earlier examples: https://lore.kernel.org/all/YzEJ2D8kga+ZRDZx@ZenIV/
> > And I distinctly remember similar attempts from other folks.
> > 
> > 	It's really a matter of triage; as it is, syzkaller folks are
> > expecting that any mail from the bot will be looked into by everyone
> > on fsdevel, on the off-chance that it's relevant for them.  What's
> 
> FILESYSTEMS (VFS and infrastructure)
> M:	Alexander Viro <viro@...iv.linux.org.uk>
> L:	linux-fsdevel@...r.kernel.org
> S:	Maintained
> F:	fs/*
> F:	include/linux/fs.h
> F:	include/linux/fs_types.h
> F:	include/uapi/linux/fs.h
> F:	include/uapi/linux/openat2.h
> 
>  _> ls fs/* | grep ntfs
> fs/ntfs:
> ntfs.h
> fs/ntfs3:
> fsntfs.c
> ntfs.h
> ntfs_fs.h
> 
> Why not change what you really want to cover instead of complaining once more
> and opting to triage?

You've completely misunderstood Al's point.  He's not whining about
being cc'd, he's pointing at this is ONLY USEFUL IF THE NTFS3
MAINTAINERS ARE CC'd.  And they're not.  So this is just noise.
And enough noise means that signal is lost.

> > more, it's not just "read the mail" - information in the mail body
> > is next to useless in such situations.  So you are asking to
> > 	* start a browser
> > 	* cut'n'paste the URL from MUA
> > 	* dig around in the files linked to the damn thing
> > ... all of that for an fs maintainer to see if his filesystem is
> > even present?  Seriously?  For each syzbot fsdevel posting?
> > 
> > 	I would have looked at it anyway; granted, seeing ntfs3 I'd chalked
> > it up to ntfs bugs (fs/ntfs3 has not been there for long and it didn't get
> > outright memory corruptors beaten out of it yet).
> > 
> > 	But how the bleeding hell are ntfs folks supposed to guess that
> > this report might be relevant for them?  Same for XFS, ext4, orangefs,
> > et sodding cetera - and for most of those any of such reports would've
> > ended up wasted time for the good and simple reasons that it's not
> > any fs they'd been involved with.
> > 
> > 	What really pisses me off is that on the sending side the
> > required check is trivial - if you are going to fuzz a filesystem,
> > put a note into report, preferably in subject.  Sure, it's your
> > code, you get to decide what to spend your time upon (you == syzkaller
> > maintainers).  But please keep in mind that for recepients it's
> > a lot of recurring work, worthless for the majority of those who
> > end up bothering with it.  Every time they receive a mail from
> > that source.
> > 
> > 	Ignore polite suggestions enough times, earn a mix of
> > impolite ones and .procmailrc recipes, it's that simple...
> > 
> 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ