lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <aCwcvC4KBu6j4Dqz@eldamar.lan>
Date: Tue, 20 May 2025 08:10:04 +0200
From: Salvatore Bonaccorso <carnil@...ian.org>
To: Roland Clobus <rclobus@...obus.nl>, Lizhi Xu <lizhi.xu@...driver.com>,
	Christoph Hellwig <hch@....de>, Jens Axboe <axboe@...nel.dk>
Cc: 1106070@...s.debian.org, linux-block@...r.kernel.org,
	linux-kernel@...r.kernel.org, stable@...r.kernel.org,
	regressions@...ts.linux.dev
Subject: Re: [6.12.y regression] loosetup: failed to set up loop device:
 Invalid argument after 184b147b9f7f ("loop: Add sanity check for
 read/write_iter")

On Tue, May 20, 2025 at 07:57:31AM +0200, Salvatore Bonaccorso wrote:
> Hi
> 
> In Debian Roland Clobus reported a regression with setting up loop
> devices from a backing squashfs file lying on read-only mounted target
> directory from a iso.
> 
> The original report is at:
> https://bugs.debian.org/1106070
> 
> Quoting the report:
> 
> On Mon, May 19, 2025 at 12:15:10PM +0200, Roland Clobus wrote:
> > Package: linux-image-6.12.29-amd64
> > Version: 6.12.29-1
> > Severity: important
> > X-Debbugs-Cc: debian-amd64@...ts.debian.org
> > User: debian-amd64@...ts.debian.org
> > Usertags: amd64
> > X-Debbugs-Cc: phil@...ds.com
> > User: debian-qa@...ts.debian.org
> > Usertags: openqa
> > X-Debbugs-Cc: debian-boot
> > 
> > Hello maintainers of the kernel,
> > 
> > The new kernel (6.12.29) has a modified behaviour (compared to 6.12.27) for
> > the loop device.
> > 
> > This causes the Debian live images (for sid) to fail to boot.
> > 
> > The change happened between 20250518T201633Z and 20250519T021902Z, which
> > matches the upload of 6.12.29 (https://tracker.debian.org/news/1646619/accepted-linux-signed-amd64-612291-source-into-unstable/)
> > at 20250518T230426Z.
> > 
> > To reproduce:
> > * Download the daily live image from https://openqa.debian.net/tests/396941/asset/iso/smallest-build_sid_20250519T021902Z.iso
> > * Boot into the live image (the first boot option)
> > * Result: an initramfs shell (instead of a live system) -> FAIL
> > * Try: `losetup -r /dev/loop1 /run/live/medium/live/filesystem.squashfs`
> > * Result: `failed to set up loop device: invalid argument` -> FAIL
> > * Try: `cp /run/live/medium/live/filesystem.squashfs /`
> > * Try: `losetup -r /dev/loop2 /filesystem.squashfs`
> > * Result: `loop2: detected capacity change from 0 to 1460312` -> PASS
> > 
> > It appears that the loopback device cannot be used any more with the mount
> > /run/live/medium (which is on /dev/sr0).
> > 
> > I've verified: the md5sum of the squashfs file is OK.
> > 
> > The newer kernel is not in trixie yet.
> > 
> > With kind regards,
> > Roland Clobus
> 
> A short reproducer is as follows:
> 
> iso="netinst.iso"
> url="https://openqa.debian.net/tests/396941/asset/iso/smallest-build_sid_20250519T021902Z.iso"
> if [ ! -e "${iso}" ]; then
>         wget "${url}" -O "${iso}"
> fi
> mountdir="$(mktemp -d)"
> mount -v "./${iso}" "${mountdir}"
> losetup -v -r -f "${mountdir}/live/filesystem.squashfs"
> loosetup -l
> 
> resulting in:
> 
> mount: /tmp/tmp.HgbNe7ek3h: WARNING: source write-protected, mounted read-only.
> mount: /dev/loop0 mounted on /tmp/tmp.HgbNe7ek3h.
> losetup: /tmp/tmp.HgbNe7ek3h/live/filesystem.squashfs: failed to set up loop device: Invalid argument
> NAME       SIZELIMIT OFFSET AUTOCLEAR RO BACK-FILE         DIO LOG-SEC
> /dev/loop0         0      0         1  0 /root/netinst.iso   0     512
> 
> Reverting 184b147b9f7f ("loop: Add sanity check for read/write_iter")
> on top of 6.12.29 fixes the issue:
> 
> mount: /tmp/tmp.ACkkdCdYvB: WARNING: source write-protected, mounted read-only.
> mount: /dev/loop0 mounted on /tmp/tmp.ACkkdCdYvB.
> NAME       SIZELIMIT OFFSET AUTOCLEAR RO BACK-FILE                                    DIO LOG-SEC
> /dev/loop1         0      0         0  1 /tmp/tmp.ACkkdCdYvB/live/filesystem.squashfs   0     512
> /dev/loop0         0      0         1  0 /root/netinst.iso                              0     512
> 
> For completeness, netinst.iso is a iso9660 fstype with mount options
> "ro,relatime,nojoliet,check=s,map=n,blocksize=2048,iocharset=utf8".
> 
> #regzbot introduced: 184b147b9f7f
> #regzbot link: https://bugs.debian.org/1106070

Just tested: The regression exists as well in 6.15-rc7 so it is not
specific to the stable 6.12.y update.

Regards,
Salvatore

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ