lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20250205052651.GD909029@mit.edu>
Date: Wed, 5 Feb 2025 00:26:51 -0500
From: "Theodore Ts'o" <tytso@....edu>
To: Mateusz Guzik <mjguzik@...il.com>
Cc: Kees Cook <kees@...nel.org>,
        syzbot <syzbot+48a99e426f29859818c0@...kaller.appspotmail.com>,
        akpm@...ux-foundation.org, brauner@...nel.org, gustavoars@...nel.org,
        linux-hardening@...r.kernel.org, linux-kernel@...r.kernel.org,
        linux-mm@...ck.org, syzkaller-bugs@...glegroups.com
Subject: Re: [syzbot] [hardening?] [mm?] BUG: bad usercopy in vfs_readlink

On Tue, Feb 04, 2025 at 10:25:29PM +0100, Mateusz Guzik wrote:
> >
> > My question is if that's legitimate, I'm guessing not. If not, then
> > ext4 should complain about it.
> >
> > On stock kernel this happens to work because strlen finds the "right" size.
> >
> 
> So it occurred to me to check what fsck thinks about it.
> 
> I ran it twice in a row, it *removed* the problematic symlink.

Can you show me what's in the problematic symlink?  And does the
syzbot reproducer trigger a problem before adding your symlink
caching?

What would be really great if you couldcreate small focused test case
that shows what's going on --- ideally something like a 100k file
system, ala the file systems in the tests directory of the e2fsprogs
sources....

						- Ted

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ