lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <aUteBPWPYzVWIZFH@ndev>
Date: Wed, 24 Dec 2025 11:29:08 +0800
From: Jinchao Wang <wangjinchao600@...il.com>
To: Shakeel Butt <shakeel.butt@...ux.dev>
Cc: Andrew Morton <akpm@...ux-foundation.org>, Song Liu <song@...nel.org>,
	Jiri Olsa <jolsa@...nel.org>, Alexei Starovoitov <ast@...nel.org>,
	Daniel Borkmann <daniel@...earbox.net>,
	Andrii Nakryiko <andrii@...nel.org>,
	Martin KaFai Lau <martin.lau@...ux.dev>,
	Eduard Zingerman <eddyz87@...il.com>,
	Yonghong Song <yonghong.song@...ux.dev>,
	John Fastabend <john.fastabend@...il.com>,
	KP Singh <kpsingh@...nel.org>, Stanislav Fomichev <sdf@...ichev.me>,
	Hao Luo <haoluo@...gle.com>, linux-kernel@...r.kernel.org,
	bpf@...r.kernel.org,
	syzbot+e008db2ac01e282550ee@...kaller.appspotmail.com
Subject: Re: [PATCH] buildid: validate page-backed file before parsing build
 ID

On Tue, Dec 23, 2025 at 11:05:49AM -0800, Shakeel Butt wrote:
> Hi Jinchao,
> 
> On Tue, Dec 23, 2025 at 06:32:07PM +0800, Jinchao Wang wrote:
> > __build_id_parse() only works on page-backed storage.  Its helper paths
> > eventually call mapping->a_ops->read_folio(), so explicitly reject VMAs
> > that do not map a regular file or lack valid address_space operations.
> > 
> > Reported-by: syzbot+e008db2ac01e282550ee@...kaller.appspotmail.com
> > Signed-off-by: Jinchao Wang <wangjinchao600@...il.com>
> 
> Check the previous discussion on this at
> https://lore.kernel.org/all/20251114193729.251892-1-ssranevjti@gmail.com/
> 
> The preferred solution was to use kernel_read() call instead of adding
> more such checks. Please check and test the patch at
> https://lore.kernel.org/20251222205859.3968077-1-shakeel.butt@linux.dev/
> 

Thanks for the pointer.

After reading the discussion and the patch, I agree with you.
I also tested your patch, it fixes:
https://syzkaller.appspot.com/bug?extid=e008db2ac01e282550ee

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ