From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 09283C001DE for ; Thu, 20 Jul 2023 17:30:38 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230466AbjGTRaf (ORCPT ); Thu, 20 Jul 2023 13:30:35 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33766 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231204AbjGTRae (ORCPT ); Thu, 20 Jul 2023 13:30:34 -0400 Received: from casper.infradead.org (casper.infradead.org [IPv6:2001:8b0:10b:1236::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 38E132722; Thu, 20 Jul 2023 10:30:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=casper.20170209; h=In-Reply-To:Content-Type:MIME-Version: References:Message-ID:Subject:Cc:To:From:Date:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description; bh=kZsL+fRMiTUhIF6cbkchAwMMymJQNGnAWsHwN+ewJ0E=; b=njeSPSpguzsHoVcLskuzq3zqvP fh6yPSsenkfbn+nzasVka6Xcr/4vmVhShCMCWCwccY/VDY/4+EqZ6a08xnubBsxwKl52NFXncUna4 neUTaeTjchLENIA5+N7KASwQHi+8BunPa3WVG3+qM2zJZS/VsHgKNdC3WNzT8Z0ZdCyCAAa63J5HO odj5alfVy+NbSyQkfnrweVtwROQS+w3gW7W6y/yPIhdJMID2yZo2if0EGxr+MMkGK/ewsl7+0JUUO Lic2g6Q5iNJbymXPLx0wql6EaA2fSSUuHxU3BlG3N8SbfsK71rrv+19uHkhsEycQKptguXZYHDf72 A53SA8Eg==; Received: from willy by casper.infradead.org with local (Exim 4.94.2 #2 (Red Hat Linux)) id 1qMXTc-000IDQ-47; Thu, 20 Jul 2023 17:30:08 +0000 Date: Thu, 20 Jul 2023 18:30:08 +0100 From: Matthew Wilcox To: Dmitry Vyukov Cc: Viacheslav Dubeyko , Arnd Bergmann , Linus Torvalds , syzbot , Andrew Morton , christian.brauner@ubuntu.com, Damien Le Moal , Jeff Layton , Linux FS Devel , LKML , syzkaller-bugs@googlegroups.com, ZhangPeng , linux-m68k@lists.linux-m68k.org Subject: Re: [syzbot] [hfs?] WARNING in hfs_write_inode Message-ID: References: <000000000000dbce4e05f170f289@google.com> <5f45bb9a-5e00-48dd-82b0-46b19b1b98a3@app.fastmail.com> <2575F983-D170-4B79-A6BA-912D4ED2CC73@dubeyko.com> <46F233BB-E587-4F2B-AA62-898EB46C9DCE@dubeyko.com> <50D6A66B-D994-48F4-9EBA-360E57A37BBE@dubeyko.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Precedence: bulk List-ID: X-Mailing-List: linux-fsdevel@vger.kernel.org On Thu, Jul 20, 2023 at 05:27:57PM +0200, Dmitry Vyukov wrote: > On Thu, 5 Jan 2023 at 17:45, Viacheslav Dubeyko wrote: > > > On Wed, Jan 04, 2023 at 08:37:16PM -0800, Viacheslav Dubeyko wrote: > > >> Also, as far as I can see, available volume in report (mount_0.gz) somehow corrupted already: > > > > > > Syzbot generates deliberately-corrupted (aka fuzzed) filesystem images. > > > So basically, you can't trust anything you read from the disc. > > > > > > > If the volume has been deliberately corrupted, then no guarantee that file system > > driver will behave nicely. Technically speaking, inode write operation should never > > happened for corrupted volume because the corruption should be detected during > > b-tree node initialization time. If we would like to achieve such nice state of HFS/HFS+ > > drivers, then it requires a lot of refactoring/implementation efforts. I am not sure that > > it is worth to do because not so many guys really use HFS/HFS+ as the main file > > system under Linux. > > > Most popular distros will happily auto-mount HFS/HFS+ from anything > inserted into USB (e.g. what one may think is a charger). This creates > interesting security consequences for most Linux users. > An image may also be corrupted non-deliberately, which will lead to > random memory corruptions if the kernel trusts it blindly. Then we should delete the HFS/HFS+ filesystems. They're orphaned in MAINTAINERS and if distros are going to do such a damnfool thing, then we must stop them.