| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250217-vfs-fixes-f47d095c551e@brauner>
Date: Mon, 17 Feb 2025 11:37:00 +0100
From: Christian Brauner <brauner@...nel.org>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: Christian Brauner <brauner@...nel.org>,
linux-fsdevel@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: [GIT PULL] vfs fixes
Hey Linus,
/* Summary */
This contains various fixes for this cycle:
- It was reported that the acct(2) system call can be used to trigger a
NULL deref in cases where it is set to write to a file that triggers
an internal lookup.
This can e.g., happen when pointing acct(2) to /sys/power/resume. At
the point the where the write to this file happens the calling task
has already exited and called exit_fs() but an internal lookup might
be triggered through lookup_bdev(). This may trigger a NULL-deref when
accessing current->fs.
Reorganize the code so that the the final write happens from the
workqueue but with the caller's credentials. This preserves the
(strange) permission model and has almost no regression risk.
Also block access to kernel internal filesystems as well as procfs and
sysfs in the first place.
- Various fixes for netfslib:
- Fix a number of read-retry hangs, including:
- Incorrect getting/putting of references on subreqs as we
retry them.
- Failure to track whether a last old subrequest in a retried
set is superfluous.
- Inconsistency in the usage of wait queues used for subrequests
(ie. using clear_and_wake_up_bit() whilst waiting on a private
waitqueue).
- Add stats counters for retries and publish in /proc/fs/netfs/stats.
This is not a fix per se, but is useful in debugging and shouldn't
otherwise change the operation of the code.
- Fix the ordering of queuing subrequests with respect to setting the
request flag that says we've now queued them all.
/* Testing */
gcc version (Debian 14.2.0-8) 14.2.0
Debian clang version 19.1.4 (1)
No build failures or warnings were observed.
/* Conflicts */
Merge conflicts with mainline
=============================
No known conflicts.
Merge conflicts with other trees
================================
No known conflicts.
The following changes since commit a64dcfb451e254085a7daee5fe51bf22959d52d3:
Linux 6.14-rc2 (2025-02-09 12:45:03 -0800)
are available in the Git repository at:
git@...olite.kernel.org:pub/scm/linux/kernel/git/vfs/vfs tags/vfs-6.14-rc4.fixes
for you to fetch changes up to a33f72554adf4552e53af3784cebfc4f2886c396:
Merge patch series "netfs: Miscellaneous fixes" (2025-02-13 16:00:53 +0100)
Please consider pulling these changes from the signed vfs-6.14-rc4.fixes tag.
Thanks!
Christian
----------------------------------------------------------------
vfs-6.14-rc4.fixes
----------------------------------------------------------------
Christian Brauner (4):
acct: perform last write from workqueue
acct: block access to kernel internal filesystems
Merge patch series "acct: don't allow access to internal filesystems"
Merge patch series "netfs: Miscellaneous fixes"
David Howells (3):
netfs: Fix a number of read-retry hangs
netfs: Add retry stat counters
netfs: Fix setting NETFS_RREQ_ALL_QUEUED to be after all subreqs queued
fs/netfs/buffered_read.c | 19 ++++--
fs/netfs/internal.h | 4 ++
fs/netfs/read_collect.c | 6 +-
fs/netfs/read_retry.c | 43 ++++++++++----
fs/netfs/stats.c | 9 +++
fs/netfs/write_issue.c | 1 +
fs/netfs/write_retry.c | 2 +
include/linux/netfs.h | 2 +-
include/trace/events/netfs.h | 4 +-
kernel/acct.c | 134 +++++++++++++++++++++++++++----------------
10 files changed, 154 insertions(+), 70 deletions(-)
Powered by blists - more mailing lists