lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAGudoHGAzNkbgUsJwvTnmO2X5crtLfO47aaVmEMwZ=G2wWTQqA@mail.gmail.com>
Date: Mon, 11 Mar 2024 20:01:14 +0100
From: Mateusz Guzik <mjguzik@...il.com>
To: Jan Kara <jack@...e.cz>
Cc: syzbot <syzbot+6ec38f7a8db3b3fb1002@...kaller.appspotmail.com>, 
	almaz.alexandrovich@...agon-software.com, anton@...era.com, axboe@...nel.dk, 
	brauner@...nel.org, ebiederm@...ssion.com, keescook@...omium.org, 
	linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org, 
	linux-mm@...ck.org, linux-ntfs-dev@...ts.sourceforge.net, 
	ntfs3@...ts.linux.dev, syzkaller-bugs@...glegroups.com, tytso@....edu, 
	viro@...iv.linux.org.uk, willy@...radead.org
Subject: Re: [syzbot] [ntfs3?] WARNING in do_open_execat

On 3/11/24, Jan Kara <jack@...e.cz> wrote:
> On Mon 11-03-24 11:04:04, syzbot wrote:
>> syzbot suspects this issue was fixed by commit:
>>
>> commit 6f861765464f43a71462d52026fbddfc858239a5
>> Author: Jan Kara <jack@...e.cz>
>> Date:   Wed Nov 1 17:43:10 2023 +0000
>>
>>     fs: Block writes to mounted block devices
>>
>> bisection log:
>> https://syzkaller.appspot.com/x/bisect.txt?x=17e3f58e180000
>> start commit:   eb3479bc23fa Merge tag 'kbuild-fixes-v6.7' of
>> git://git.ke..
>> git tree:       upstream
>> kernel config:
>> https://syzkaller.appspot.com/x/.config?x=bdf178b2f20f99b0
>> dashboard link:
>> https://syzkaller.appspot.com/bug?extid=6ec38f7a8db3b3fb1002
>> syz repro:
>> https://syzkaller.appspot.com/x/repro.syz?x=15073fd4e80000
>> C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=17b20b8f680000
>>
>> If the result looks correct, please mark the issue as fixed by replying
>> with:
>
> #syz fix: fs: Block writes to mounted block devices
>

I don't think that's correct.

The bug is ntfs instantiating an inode with bogus type (based on an
intentionally corrupted filesystem), violating the api contract with
vfs, which in turn results in the warning way later.

It may be someone sorted out ntfs doing this in the meantime, I have
not checked.

With this in mind I don't believe your patch fixed it, at best it
happened to neuter the reproducer.

vfs could definitely be patched to catch this when I_NEW is getting
cleared (only when  running with debug), not in the spot which
generates the warn.

-- 
Mateusz Guzik <mjguzik gmail.com>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ