| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20251210153531.GX1712166@ZenIV>
Date: Wed, 10 Dec 2025 15:35:31 +0000
From: Al Viro <viro@...iv.linux.org.uk>
To: Mateusz Guzik <mjguzik@...il.com>
Cc: Tetsuo Handa <penguin-kernel@...ove.sakura.ne.jp>,
syzbot <syzbot+d222f4b7129379c3d5bc@...kaller.appspotmail.com>,
brauner@...nel.org, jack@...e.cz, jlbec@...lplan.org,
joseph.qi@...ux.alibaba.com, linkinjeon@...nel.org,
linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
mark@...heh.com, ocfs2-devel@...ts.linux.dev,
sj1557.seo@...sung.com, syzkaller-bugs@...glegroups.com,
Chuck Lever <chuck.lever@...cle.com>
Subject: Re: [PATCH for 6.19-rc1] fs: preserve file type in make_bad_inode()
unless invalid
On Wed, Dec 10, 2025 at 11:09:24AM +0100, Mateusz Guzik wrote:
> On Wed, Dec 10, 2025 at 10:45 AM Tetsuo Handa
> <penguin-kernel@...ove.sakura.ne.jp> wrote:
> >
> > syzbot is hitting VFS_BUG_ON_INODE(!S_ISDIR(inode->i_mode)) check
> > introduced by commit e631df89cd5d ("fs: speed up path lookup with cheaper
> > handling of MAY_EXEC"), for make_bad_inode() is blindly changing file type
> > to S_IFREG. Since make_bad_inode() might be called after an inode is fully
> > constructed, make_bad_inode() should not needlessly change file type.
> >
>
> ouch
>
> So let's say calls to make_bad_inode *after* d_instantiate are unavoidable.
... and each one is a bug.
Powered by blists - more mailing lists