lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 12 Jun 2024 11:20:12 +0900
From: Daejun Park <daejun7.park@...sung.com>
To: "jaegeuk@...nel.org" <jaegeuk@...nel.org>, "chao@...nel.org"
	<chao@...nel.org>, "linux-f2fs-devel@...ts.sourceforge.net"
	<linux-f2fs-devel@...ts.sourceforge.net>, "linux-kernel@...r.kernel.org"
	<linux-kernel@...r.kernel.org>
CC: Daejun Park <daejun7.park@...sung.com>, Dongjin Kim
	<dongjin_.kim@...sung.com>, Seokhwan Kim <sukka.kim@...sung.com>, Yonggil
	Song <yonggil.song@...sung.com>, Eunhee Rho <eunhee83.rho@...sung.com>,
	Jaeyoon Choi <j_yoon.choi@...sung.com>, Nayeon Kim
	<nayeoni.kim@...sung.com>, Siwoo Jung <siu.jung@...sung.com>
Subject: [PATCH] f2fs: fix convert inline inode on readonly mode

syzbot reported a bug in f2fs_vm_page_mkwrite() which checks for
f2fs_has_inline_data(inode).
The bug was caused by f2fs_convert_inline_inode() not returning an
error when called on a read-only filesystem, but returning with the
inline attribute as set.
This patch fixes the problem by ensuring that f2fs_convert_inline_inode()
returns -EROFS on readonly.

Fixes: ec2ddf499402 ("f2fs: don't allow any writes on readonly mount")
Reported-by: syzbot+f195123a45ad487ca66c@...kaller.appspotmail.com
Closes: https://syzkaller.appspot.com/bug?extid=f195123a45ad487ca66c
Signed-off-by: Daejun Park <daejun7.park@...sung.com>
---
 fs/f2fs/inline.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/fs/f2fs/inline.c b/fs/f2fs/inline.c
index 7638d0d7b7ee..ae1d8f2d82c9 100644
--- a/fs/f2fs/inline.c
+++ b/fs/f2fs/inline.c
@@ -203,10 +203,12 @@ int f2fs_convert_inline_inode(struct inode *inode)
        struct page *ipage, *page;
        int err = 0;

-       if (!f2fs_has_inline_data(inode) ||
-                       f2fs_hw_is_readonly(sbi) || f2fs_readonly(sbi->sb))
+       if (!f2fs_has_inline_data(inode))
                return 0;

+       if (unlikely(f2fs_hw_is_readonly(sbi) || f2fs_readonly(sbi->sb)))
+               return -EROFS;
+
        err = f2fs_dquot_initialize(inode);
        if (err)
                return err;
--
2.25.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ