lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20250711-ohren-hebel-4790bafe4bb4@brauner>
Date: Fri, 11 Jul 2025 12:04:43 +0200
From: Christian Brauner <brauner@...nel.org>
To: Arnd Bergmann <arnd@...nel.org>
Cc: Anuj Gupta <anuj20.g@...sung.com>, 
	"Martin K. Petersen" <martin.petersen@...cle.com>, Kanchan Joshi <joshi.k@...sung.com>, 
	Christoph Hellwig <hch@...radead.org>, Arnd Bergmann <arnd@...db.de>, 
	Naresh Kamboju <naresh.kamboju@...aro.org>, Anders Roxell <anders.roxell@...aro.org>, 
	Jens Axboe <axboe@...nel.dk>, Keith Busch <kbusch@...nel.org>, 
	Caleb Sander Mateos <csander@...estorage.com>, Pavel Begunkov <asml.silence@...il.com>, 
	Alexey Dobriyan <adobriyan@...il.com>, "Darrick J. Wong" <djwong@...nel.org>, 
	linux-block@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] [v2] block: fix FS_IOC_GETLBMD_CAP parsing in
 blkdev_common_ioctl()

On Fri, Jul 11, 2025 at 10:46:51AM +0200, Arnd Bergmann wrote:
> From: Arnd Bergmann <arnd@...db.de>
> 
> Anders and Naresh found that the addition of the FS_IOC_GETLBMD_CAP
> handling in the blockdev ioctl handler breaks all ioctls with
> _IOC_NR==2, as the new command is not added to the switch but only
> a few of the command bits are check.
> 
> Move the check into the blk_get_meta_cap() function itself and make
> it return -ENOIOCTLCMD for any unsupported command code, including
> those with a smaller size that previously returned -EINVAL.
> 
> For consistency this also drops the check for NULL 'arg' that
> is really useless, as any invalid pointer should return -EFAULT.
> 
> Fixes: 9eb22f7fedfc ("fs: add ioctl to query metadata and protection info capabilities")
> Link: https://lore.kernel.org/all/CA+G9fYvk9HHE5UJ7cdJHTcY6P5JKnp+_e+sdC5U-ZQFTP9_hqQ@mail.gmail.com/
> Reported-by: Naresh Kamboju <naresh.kamboju@...aro.org>
> Cc: Anders Roxell <anders.roxell@...aro.org>
> Cc: Naresh Kamboju <naresh.kamboju@...aro.org>
> Signed-off-by: Arnd Bergmann <arnd@...db.de>
> ---
> v2: add the check in blk-integrity.c instead of ioctl.c
> 
> I've left out the maximum-size check this time, as there was no
> consensus on whether there should be one, or what value.
> 
> We still need to come up with a better way of handling these in
> general, for now the patch just addresses the immediate regression
> that Naresh found.
> 
> I have also sent a handful of patches for other drivers that have
> variations of the same bug.

Arnd, let me know how I can help!

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ