From: Zubin Mithra <zsm@chromium.org>
To: stable@vger.kernel.org
Cc: gregkh@linuxfoundation.org, groeck@chromium.org,
alexander.lochmann@tu-dortmund.de, viro@zeniv.linux.org.uk
Subject: f69e749a4935 ("Abort file_remove_privs() for non-reg. files")
Date: Thu, 20 Jun 2019 09:30:49 -0700
Message-ID: <20190620163048.GA189243@google.com>

Hello,

Syzkaller has triggered a kernel WARNING when fuzzing a 4.14 kernel with the following stacktrace.

Call Trace:
__dump_stack lib/dump_stack.c:17 [inline]
dump_stack+0x114/0x1cf lib/dump_stack.c:53
panic+0x1bb/0x3a0 kernel/panic.c:181
__warn.cold.9+0x149/0x186 kernel/panic.c:542
report_bug+0x1f7/0x272 lib/bug.c:186
fixup_bug arch/x86/kernel/traps.c:177 [inline]
do_error_trap+0x1c1/0x430 arch/x86/kernel/traps.c:295
do_invalid_op+0x20/0x30 arch/x86/kernel/traps.c:314
invalid_op+0x1b/0x40 arch/x86/entry/entry_64.S:944
__remove_privs fs/inode.c:1805 [inline]
file_remove_privs+0x291/0x4c0 fs/inode.c:1827
__generic_file_write_iter+0x166/0x5b0 mm/filemap.c:3096
blkdev_write_iter+0x1f5/0x3b0 fs/block_dev.c:1905
call_write_iter include/linux/fs.h:1782 [inline]
new_sync_write fs/read_write.c:471 [inline]
__vfs_write+0x53f/0x7d0 fs/read_write.c:484
vfs_write+0x18c/0x500 fs/read_write.c:546
SYSC_write fs/read_write.c:593 [inline]
SyS_write+0xf4/0x230 fs/read_write.c:585
do_syscall_32_irqs_on arch/x86/entry/common.c:340 [inline]
do_fast_syscall_32+0x3c1/0xbf1 arch/x86/entry/common.c:403
entry_SYSENTER_compat+0x84/0x96 arch/x86/entry/entry_64_compat.S:139

Could the following patch be applied to 5.0.y, 4.19.y, 4.14.y? The commit is present in 5.1.y.

* f69e749a4935 ("Abort file_remove_privs() for non-reg. files")

Tests run:
* Syzkaller reproducer
* Chrome OS tryjobs

Thanks,
- Zubin