From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2082AEB64DD for ; Thu, 20 Jul 2023 17:56:25 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232020AbjGTR4X convert rfc822-to-8bit (ORCPT ); Thu, 20 Jul 2023 13:56:23 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46702 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229729AbjGTR4W (ORCPT ); Thu, 20 Jul 2023 13:56:22 -0400 Received: from outpost1.zedat.fu-berlin.de (outpost1.zedat.fu-berlin.de [130.133.4.66]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 171171998; Thu, 20 Jul 2023 10:56:21 -0700 (PDT) Received: from inpost2.zedat.fu-berlin.de ([130.133.4.69]) by outpost.zedat.fu-berlin.de (Exim 4.95) with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384 (envelope-from ) id 1qMXsn-002CO9-HB; Thu, 20 Jul 2023 19:56:09 +0200 Received: from p57bd98fd.dip0.t-ipconnect.de ([87.189.152.253] helo=suse-laptop.fritz.box) by inpost2.zedat.fu-berlin.de (Exim 4.95) with esmtpsa (TLS1.3) tls TLS_AES_256_GCM_SHA384 (envelope-from ) id 1qMXsn-003Zmq-8y; Thu, 20 Jul 2023 19:56:09 +0200 Message-ID: Subject: Re: [syzbot] [hfs?] WARNING in hfs_write_inode From: John Paul Adrian Glaubitz To: Matthew Wilcox , Dmitry Vyukov Cc: Viacheslav Dubeyko , Arnd Bergmann , Linus Torvalds , syzbot , Andrew Morton , christian.brauner@ubuntu.com, Damien Le Moal , Jeff Layton , Linux FS Devel , LKML , syzkaller-bugs@googlegroups.com, ZhangPeng , linux-m68k@lists.linux-m68k.org, debian-powerpc Date: Thu, 20 Jul 2023 19:56:08 +0200 In-Reply-To: References: <000000000000dbce4e05f170f289@google.com> <5f45bb9a-5e00-48dd-82b0-46b19b1b98a3@app.fastmail.com> <2575F983-D170-4B79-A6BA-912D4ED2CC73@dubeyko.com> <46F233BB-E587-4F2B-AA62-898EB46C9DCE@dubeyko.com> <50D6A66B-D994-48F4-9EBA-360E57A37BBE@dubeyko.com> Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 8BIT User-Agent: Evolution 3.48.4 MIME-Version: 1.0 X-Original-Sender: glaubitz@physik.fu-berlin.de X-Originating-IP: 87.189.152.253 X-ZEDAT-Hint: PO Precedence: bulk List-ID: X-Mailing-List: linux-fsdevel@vger.kernel.org (Please ignore my previous mail which was CC'ed to the wrong list) Hello! On Thu, 2023-07-20 at 18:30 +0100, Matthew Wilcox wrote: > On Thu, Jul 20, 2023 at 05:27:57PM +0200, Dmitry Vyukov wrote: > > On Thu, 5 Jan 2023 at 17:45, Viacheslav Dubeyko wrote: > > > > On Wed, Jan 04, 2023 at 08:37:16PM -0800, Viacheslav Dubeyko wrote: > > > > > Also, as far as I can see, available volume in report (mount_0.gz) somehow corrupted already: > > > > > > > > Syzbot generates deliberately-corrupted (aka fuzzed) filesystem images. > > > > So basically, you can't trust anything you read from the disc. > > > > > > > > > > If the volume has been deliberately corrupted, then no guarantee that file system > > > driver will behave nicely. Technically speaking, inode write operation should never > > > happened for corrupted volume because the corruption should be detected during > > > b-tree node initialization time. If we would like to achieve such nice state of HFS/HFS+ > > > drivers, then it requires a lot of refactoring/implementation efforts. I am not sure that > > > it is worth to do because not so many guys really use HFS/HFS+ as the main file > > > system under Linux. > > > > > > Most popular distros will happily auto-mount HFS/HFS+ from anything > > inserted into USB (e.g. what one may think is a charger). This creates > > interesting security consequences for most Linux users. > > An image may also be corrupted non-deliberately, which will lead to > > random memory corruptions if the kernel trusts it blindly. > > Then we should delete the HFS/HFS+ filesystems. They're orphaned in > MAINTAINERS and if distros are going to do such a damnfool thing, > then we must stop them. Both HFS and HFS+ work perfectly fine. And if distributions or users are so sensitive about security, it's up to them to blacklist individual features in the kernel. Both HFS and HFS+ have been the default filesystem on MacOS for 30 years and I don't think it's justified to introduce such a hard compatibility breakage just because some people are worried about theoretical evil maid attacks. HFS/HFS+ mandatory if you want to boot Linux on a classic Mac or PowerMac and I don't think it's okay to break all these systems running Linux. Thanks, Adrian -- .''`. John Paul Adrian Glaubitz : :' : Debian Developer `. `' Physicist `- GPG: 62FF 8A75 84E0 2956 9546 0006 7426 3B37 F5B5 F913 -- .''`. John Paul Adrian Glaubitz : :' : Debian Developer `. `' Physicist `- GPG: 62FF 8A75 84E0 2956 9546 0006 7426 3B37 F5B5 F913