From: Zubin Mithra <zsm@chromium.org>
To: Greg KH <gregkh@linuxfoundation.org>
Cc: stable@vger.kernel.org, groeck@chromium.org,
	alexander.lochmann@tu-dortmund.de, viro@zeniv.linux.org.uk
Subject: Re: f69e749a4935 ("Abort file_remove_privs() for non-reg. files")
Date: Thu, 20 Jun 2019 09:56:19 -0700
Message-ID: <20190620165618.GA75359@google.com>
In-Reply-To: <20190620164428.GA8610@kroah.com>

On Thu, Jun 20, 2019 at 06:44:28PM +0200, Greg KH wrote:
> On Thu, Jun 20, 2019 at 09:30:49AM -0700, Zubin Mithra wrote:
> > Hello,
> > 
> > Syzkaller has triggered a kernel WARNING when fuzzing a 4.14 kernel with the following stacktrace.
> > Call Trace:
> >  __dump_stack lib/dump_stack.c:17 [inline]
> >  dump_stack+0x114/0x1cf lib/dump_stack.c:53
> >  panic+0x1bb/0x3a0 kernel/panic.c:181
> >  __warn.cold.9+0x149/0x186 kernel/panic.c:542
> >  report_bug+0x1f7/0x272 lib/bug.c:186
> >  fixup_bug arch/x86/kernel/traps.c:177 [inline]
> >  do_error_trap+0x1c1/0x430 arch/x86/kernel/traps.c:295
> >  do_invalid_op+0x20/0x30 arch/x86/kernel/traps.c:314
> >  invalid_op+0x1b/0x40 arch/x86/entry/entry_64.S:944
> >  __remove_privs fs/inode.c:1805 [inline]
> >  file_remove_privs+0x291/0x4c0 fs/inode.c:1827
> >  __generic_file_write_iter+0x166/0x5b0 mm/filemap.c:3096
> >  blkdev_write_iter+0x1f5/0x3b0 fs/block_dev.c:1905
> >  call_write_iter include/linux/fs.h:1782 [inline]
> >  new_sync_write fs/read_write.c:471 [inline]
> >  __vfs_write+0x53f/0x7d0 fs/read_write.c:484
> >  vfs_write+0x18c/0x500 fs/read_write.c:546
> >  SYSC_write fs/read_write.c:593 [inline]
> >  SyS_write+0xf4/0x230 fs/read_write.c:585
> >  do_syscall_32_irqs_on arch/x86/entry/common.c:340 [inline]
> >  do_fast_syscall_32+0x3c1/0xbf1 arch/x86/entry/common.c:403
> >  entry_SYSENTER_compat+0x84/0x96 arch/x86/entry/entry_64_compat.S:139
> > 
> > 
> > Could the following patch be applied to 5.0.y, 4.19.y, 4.14.y? The commit is present in 5.1.y.
> > * f69e749a4935 ("Abort file_remove_privs() for non-reg. files")
> 
> 5.0 is long end-of-life, but 4.19.y and 4.14.y are good.  What about
> older kernels?  It seems to be applicable there too, right?

Yes, 4.9.y and 4.4.y as well.


Thanks,
- Zubin

> 
> thanks,
> 
> greg k-h
