lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20260113190701.GO3634291@ZenIV>
Date: Tue, 13 Jan 2026 19:07:01 +0000
From: Al Viro <viro@...iv.linux.org.uk>
To: Mark Brown <broonie@...nel.org>
Cc: linux-fsdevel@...r.kernel.org, torvalds@...ux-foundation.org,
	brauner@...nel.org, jack@...e.cz, mjguzik@...il.com,
	paul@...l-moore.com, axboe@...nel.dk, audit@...r.kernel.org,
	io-uring@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v4 15/59] struct filename: saner handling of long names

On Tue, Jan 13, 2026 at 03:39:53PM +0000, Al Viro wrote:
> On Tue, Jan 13, 2026 at 03:31:14PM +0000, Mark Brown wrote:
> 
> > I'm seeing a regression in -next in the execveat kselftest which bisects
> > to 2a0db5f7653b ("struct filename: saner handling of long names").  The
> > test triggers two new failures with very long filenames for tests that
> > previously succeeded:
> > 
> > # # Failed to open length 4094 filename, errno=36 (File name too long)
> > # # Invoke exec via root_dfd and relative filename
> > # # child execveat() failed, rc=-1 errno=36 (File name too long)
> > # # child 9501 exited with 36 neither 99 nor 99
> > # not ok 48 Check success of execveat(8, 'opt/kselftest/exec/x...yyyyyyyyyyyyyyyyyyyy', 0)... 
> > # # Failed to open length 4094 filename, errno=36 (File name too long)
> > # # Invoke script via root_dfd and relative filename
> > # # child execveat() failed, rc=-1 errno=36 (File name too long)
> > # # child 9502 exited with 36 neither 127 nor 126
> > # not ok 49 Check success of execveat(8, 'opt/kselftest/exec/x...yyyyyyyyyyyyyyyyyyyy', 0)... 
> 
> Could you check if replacing (in include/linux/fs.h)
> 
> #define EMBEDDED_NAME_MAX       192 - sizeof(struct __filename_head)
> 
> with
> 
> #define EMBEDDED_NAME_MAX       (192 - sizeof(struct __filename_head))
> 
> is sufficient for fixing that reproducer?

FWIW, an unpleasant surprise is that LTP apparently doesn't test that
case anywhere - the effect of that braino is to lower the cutoff for
name length by 48 characters and there's not a single test in there
that would test that ;-/

chdir04 does check that name component is not too long, but that's
a different codepath - it's individual filesystem's ->lookup() rejecting
a component.

Oh, well - not hard to add (to the same chdir04, for example)...

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ