* Re: [PATCH] qnx4: fix to avoid panic due to buffer overflow [not found] <20231112095353.579855-1-debug.penguin32@gmail.com> @ 2025-02-21 14:51 ` Mateusz Guzik 2025-02-21 17:38 ` Kees Cook 0 siblings, 1 reply; 8+ messages in thread From: Mateusz Guzik @ 2025-02-21 14:51 UTC (permalink / raw) To: Ronald Monthero Cc: al, keescook, gustavoars, linux-kernel, linux-hardening, brauner, jack, linux-fsdevel On Sun, Nov 12, 2023 at 07:53:53PM +1000, Ronald Monthero wrote: > qnx4 dir name length can vary to be of maximum size > QNX4_NAME_MAX or QNX4_SHORT_NAME_MAX depending on whether > 'link info' entry is stored and the status byte is set. > So to avoid buffer overflow check di_fname length > fetched from (struct qnx4_inode_entry *) > before use in strlen to avoid buffer overflow. > Inspired by removals of reiserfs and sysv I decided to try to whack qnx4. This here is the only qnx4-specific change made to the fs in years. Are you using the filesystem? Perhaps you just playing around fuzzing and that's how you got there instead? ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [PATCH] qnx4: fix to avoid panic due to buffer overflow 2025-02-21 14:51 ` [PATCH] qnx4: fix to avoid panic due to buffer overflow Mateusz Guzik @ 2025-02-21 17:38 ` Kees Cook 2025-02-22 12:12 ` Mateusz Guzik 0 siblings, 1 reply; 8+ messages in thread From: Kees Cook @ 2025-02-21 17:38 UTC (permalink / raw) To: Mateusz Guzik Cc: Ronald Monthero, al, gustavoars, linux-kernel, linux-hardening, brauner, jack, linux-fsdevel On Fri, Feb 21, 2025 at 03:51:23PM +0100, Mateusz Guzik wrote: > On Sun, Nov 12, 2023 at 07:53:53PM +1000, Ronald Monthero wrote: > > qnx4 dir name length can vary to be of maximum size > > QNX4_NAME_MAX or QNX4_SHORT_NAME_MAX depending on whether > > 'link info' entry is stored and the status byte is set. > > So to avoid buffer overflow check di_fname length > > fetched from (struct qnx4_inode_entry *) > > before use in strlen to avoid buffer overflow. > > > > Inspired by removals of reiserfs and sysv I decided to try to whack > qnx4. I have no strong opinion here beyond just pointing out that it appears that the qnx4 fs is still extant in the world. QNX itself is still alive and well and using this filesystem based on what I can find. -Kees -- Kees Cook ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [PATCH] qnx4: fix to avoid panic due to buffer overflow 2025-02-21 17:38 ` Kees Cook @ 2025-02-22 12:12 ` Mateusz Guzik 2025-02-22 15:17 ` Kees Cook 2025-02-23 0:19 ` Al Viro 0 siblings, 2 replies; 8+ messages in thread From: Mateusz Guzik @ 2025-02-22 12:12 UTC (permalink / raw) To: Kees Cook Cc: Ronald Monthero, al, gustavoars, linux-kernel, linux-hardening, brauner, jack, linux-fsdevel On Fri, Feb 21, 2025 at 6:38 PM Kees Cook <kees@kernel.org> wrote: > > On Fri, Feb 21, 2025 at 03:51:23PM +0100, Mateusz Guzik wrote: > > On Sun, Nov 12, 2023 at 07:53:53PM +1000, Ronald Monthero wrote: > > > qnx4 dir name length can vary to be of maximum size > > > QNX4_NAME_MAX or QNX4_SHORT_NAME_MAX depending on whether > > > 'link info' entry is stored and the status byte is set. > > > So to avoid buffer overflow check di_fname length > > > fetched from (struct qnx4_inode_entry *) > > > before use in strlen to avoid buffer overflow. > > > > > > > Inspired by removals of reiserfs and sysv I decided to try to whack > > qnx4. > > I have no strong opinion here beyond just pointing out that it appears > that the qnx4 fs is still extant in the world. QNX itself is still alive > and well and using this filesystem based on what I can find. > I'm aware. However, we reached a point where should someone need to access a now-removed filesystem, they can spin up a VM with an older system to do it (including with one of the myriad Linux distro releases). Suppose support disappears tomorrow. You still have something like debian which will have a kernel with the module for several years. But suppose you are years down the road and all the Linux distros which had it are past EOL and you still need it. For the purpose of reading the sucker, you can still use them. So I don't believe this will cut anyone off of transferring data out of a filesystem which got whacked upstream. That's concerning old filesystems in general. As for qnx4 in particular, should you git log on it, you will find the support is read-only. And should you read between the commits (if you will) I am not at all convinced even that was high quality to begin with -- looks like an abandoned WIP. General tune is not holding the codebase hostage to obsolete (and probably not at all operational) components. If in doubt, prune it. This reminded me of a funny remark made by someone else concerning removal of drivers for stale hardware. It was in the lines of "if you ask if anyone is still using it, someone will respond they have an old machine in their garage which they were totally going to boot up this weekend. if you just remove it, nobody will ever notice". If it was not for the aforementioned bugfix, I would be sending a removal instead. -- Mateusz Guzik <mjguzik gmail.com> ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [PATCH] qnx4: fix to avoid panic due to buffer overflow 2025-02-22 12:12 ` Mateusz Guzik @ 2025-02-22 15:17 ` Kees Cook 2025-02-22 16:36 ` Mateusz Guzik 2025-02-23 0:19 ` Al Viro 1 sibling, 1 reply; 8+ messages in thread From: Kees Cook @ 2025-02-22 15:17 UTC (permalink / raw) To: Mateusz Guzik Cc: Ronald Monthero, al, gustavoars, linux-kernel, linux-hardening, brauner, jack, linux-fsdevel On Sat, Feb 22, 2025 at 01:12:47PM +0100, Mateusz Guzik wrote: > If it was not for the aforementioned bugfix, I would be sending a > removal instead. Less code is fewer bugs. I'm for it. :) -- Kees Cook ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [PATCH] qnx4: fix to avoid panic due to buffer overflow 2025-02-22 15:17 ` Kees Cook @ 2025-02-22 16:36 ` Mateusz Guzik 2025-02-24 11:26 ` Christian Brauner 0 siblings, 1 reply; 8+ messages in thread From: Mateusz Guzik @ 2025-02-22 16:36 UTC (permalink / raw) To: Kees Cook Cc: Ronald Monthero, al, gustavoars, linux-kernel, linux-hardening, brauner, jack, linux-fsdevel On Sat, Feb 22, 2025 at 4:17 PM Kees Cook <kees@kernel.org> wrote: > > On Sat, Feb 22, 2025 at 01:12:47PM +0100, Mateusz Guzik wrote: > > If it was not for the aforementioned bugfix, I would be sending a > > removal instead. > > Less code is fewer bugs. I'm for it. :) > Removed code is debugged code. -- Mateusz Guzik <mjguzik gmail.com> ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [PATCH] qnx4: fix to avoid panic due to buffer overflow 2025-02-22 16:36 ` Mateusz Guzik @ 2025-02-24 11:26 ` Christian Brauner 0 siblings, 0 replies; 8+ messages in thread From: Christian Brauner @ 2025-02-24 11:26 UTC (permalink / raw) To: Mateusz Guzik Cc: Kees Cook, Ronald Monthero, al, gustavoars, linux-kernel, linux-hardening, jack, linux-fsdevel On Sat, Feb 22, 2025 at 05:36:11PM +0100, Mateusz Guzik wrote: > On Sat, Feb 22, 2025 at 4:17 PM Kees Cook <kees@kernel.org> wrote: > > > > On Sat, Feb 22, 2025 at 01:12:47PM +0100, Mateusz Guzik wrote: > > > If it was not for the aforementioned bugfix, I would be sending a > > > removal instead. > > > > Less code is fewer bugs. I'm for it. :) > > > > Removed code is debugged code. We have both qnx4 and qnx6. Can anyone with authority speak as to the usage of qnx4? ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [PATCH] qnx4: fix to avoid panic due to buffer overflow 2025-02-22 12:12 ` Mateusz Guzik 2025-02-22 15:17 ` Kees Cook @ 2025-02-23 0:19 ` Al Viro 2025-02-24 11:56 ` Mateusz Guzik 1 sibling, 1 reply; 8+ messages in thread From: Al Viro @ 2025-02-23 0:19 UTC (permalink / raw) To: Mateusz Guzik Cc: Kees Cook, Ronald Monthero, al, gustavoars, linux-kernel, linux-hardening, brauner, jack, linux-fsdevel On Sat, Feb 22, 2025 at 01:12:47PM +0100, Mateusz Guzik wrote: > General tune is not holding the codebase hostage to obsolete (and > probably not at all operational) components. If in doubt, prune it. What exactly is being held hostage, though? Do we have an API change that gets blocked just by the old filesystems and if so, which one it is? ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [PATCH] qnx4: fix to avoid panic due to buffer overflow 2025-02-23 0:19 ` Al Viro @ 2025-02-24 11:56 ` Mateusz Guzik 0 siblings, 0 replies; 8+ messages in thread From: Mateusz Guzik @ 2025-02-24 11:56 UTC (permalink / raw) To: Al Viro Cc: Kees Cook, Ronald Monthero, al, gustavoars, linux-kernel, linux-hardening, brauner, jack, linux-fsdevel On Sun, Feb 23, 2025 at 1:19 AM Al Viro <viro@zeniv.linux.org.uk> wrote: > > On Sat, Feb 22, 2025 at 01:12:47PM +0100, Mateusz Guzik wrote: > > > General tune is not holding the codebase hostage to obsolete (and > > probably not at all operational) components. If in doubt, prune it. > > What exactly is being held hostage, though? Do we have an API change > that gets blocked just by the old filesystems and if so, which one > it is? I was speaking in general. Some code uses obsolete APIs, other puts weird restrictions, some other has to be at least reviewed. General point being mere existence of code is an extra maintenance burden. If the code is beneficial to have, then so be it. But if the code at hand is not even used by anyone (and it is unclear if it even works), what's the point keeping it? -- Mateusz Guzik <mjguzik gmail.com> ^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2025-02-24 11:56 UTC | newest]
Thread overview: 8+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <20231112095353.579855-1-debug.penguin32@gmail.com>
2025-02-21 14:51 ` [PATCH] qnx4: fix to avoid panic due to buffer overflow Mateusz Guzik
2025-02-21 17:38 ` Kees Cook
2025-02-22 12:12 ` Mateusz Guzik
2025-02-22 15:17 ` Kees Cook
2025-02-22 16:36 ` Mateusz Guzik
2025-02-24 11:26 ` Christian Brauner
2025-02-23 0:19 ` Al Viro
2025-02-24 11:56 ` Mateusz Guzik
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox