| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <l7xs6ea7takb5yvyvobxoce3mudbgen5d7s47onksm4ujpdkib@tvstwbdpvm4o> Date: Thu, 15 May 2025 12:37:04 -0400 From: Kent Overstreet <kent.overstreet@...ux.dev> To: Roberto Sassu <roberto.sassu@...weicloud.com> Cc: syzbot <syzbot+3f0b3970f154dfc95e6e@...kaller.appspotmail.com>, dmitry.kasatkin@...il.com, eric.snowberg@...cle.com, jmorris@...ei.org, linux-integrity@...r.kernel.org, linux-kernel@...r.kernel.org, linux-security-module@...r.kernel.org, paul@...l-moore.com, roberto.sassu@...wei.com, serge@...lyn.com, syzkaller-bugs@...glegroups.com, zohar@...ux.ibm.com, linux-bcachefs@...r.kernel.org Subject: Re: [syzbot] [lsm?] [integrity?] KMSAN: uninit-value in ima_add_template_entry (3) On Thu, May 15, 2025 at 04:30:09PM +0200, Roberto Sassu wrote: > On Thu, 2025-05-15 at 10:18 -0400, Kent Overstreet wrote: > > On Thu, May 15, 2025 at 04:06:02PM +0200, Roberto Sassu wrote: > > > On Wed, 2025-05-14 at 07:54 -0700, syzbot wrote: > > > > Hello, > > > > > > + Kent, bcachefs mailing list > > > > > > I have the feeling that this was recently fixed in one of the latest > > > pull requests in bcachefs. I don't see it occurring anymore, and there > > > are more commits after the one reported by syzbot. > > > > I have no idea how any of the ima stuff works or even what it does, I'm > > not even sure where I'd start... > > Basically, I got a clue that bcachefs would be the cause from the > bottom of the report: > > page_cache_sync_ra+0x108a/0x13e0 mm/readahead.c:621 > filemap_get_pages+0xfb3/0x3a70 mm/filemap.c:2591 > filemap_read+0x5c6/0x2190 mm/filemap.c:2702 > bch2_read_iter+0x559/0x21c0 fs/bcachefs/fs-io-direct.c:221 > __kernel_read+0x750/0xda0 fs/read_write.c:528 > integrity_kernel_read+0x77/0x90 security/integrity/iint.c:28 > > This means that IMA is reading a file and calculating a digest over it: > > ima_calc_file_hash_tfm security/integrity/ima/ima_crypto.c:498 [inline] > ima_calc_file_shash security/integrity/ima/ima_crypto.c:511 [inline] > ima_calc_file_hash+0x240a/0x3fd0 security/integrity/ima/ima_crypto.c:568 > ima_collect_measurement+0x45d/0xe60 security/integrity/ima/ima_api.c:293 > process_measurement+0x2d1a/0x40e0 security/integrity/ima/ima_main.c:385 > ima_file_check+0x8e/0xd0 security/integrity/ima/ima_main.c:613 > > syzbot is complaining that the data the digest was calculated from was > not initialized (e.g. zeroed). > > There is a reproducer, we would be probably able to do a bisection and > find the commit that caused it (and maybe the one that fixed it). Ok, that would be fixed by the - multiple - KMSAN fixes, most of those were spurious but code was lacking annotations. Probably this one: 9c3a2c9b471a bcachefs: Disable asm memcpys when kmsan enabled
Powered by blists - more mailing lists