From: Dave Chinner <david@fromorbit.com>
To: linux-xfs@vger.kernel.org
Subject: [PATCH 0/4] xfs: fix random format verification issues
Date: Mon, 2 May 2022 18:20:14 +1000 [thread overview]
Message-ID: <20220502082018.1076561-1-david@fromorbit.com> (raw)
Hi folks,
This series contains a handful of fixes for the malicious format
verification attacks that were dumped into the kernel.org bugzilla
over the weekend.
I'm not going to give any credit to the reporter - they are not
disclosing these issues responsibly and so I'm not going to
encourage them by giving them any credit for causing me unnecessary
stress by forcing me to drop everything to investigate the reported
problems.
As I said back in my response to a similar malicious bug reporter
recently at https://bugzilla.kernel.org/show_bug.cgi?id=215783 :
"If you are going to run some scripted tool to randomly
corrupt the filesystem to find failures, then you have an
ethical and moral responsibility to do some of the work to
narrow down and identify the cause of the failure, not just
throw them at someone to do all the work."
I'll add that *responsible disclosure* is also necessary. Giving us
a chance to determine the severity and impact of the format
verification/corruption problem before they are made public would
take a lot of the angst and stress out of this situation.
</rant>
Anyway, one of the bug fixes "breaks" xfs/348, which is actually
broken because it encodes observed (broken) behaviour as success
rather than encoding correct behaviour and then failing. This series
ensures that the data fork is in the correct form for symlinks,
directories and regular files and so the test now fails. Fixes for
that test will need to be done.
-Dave.
next reply other threads:[~2022-05-02 8:20 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-05-02 8:20 Dave Chinner [this message]
2022-05-02 8:20 ` [PATCH 1/4] xfs: detect self referencing btree sibling pointers Dave Chinner
2022-05-03 14:53 ` Christoph Hellwig
2022-05-03 21:27 ` Dave Chinner
2022-05-03 22:53 ` Darrick J. Wong
2022-05-03 23:13 ` Dave Chinner
2022-05-06 9:22 ` [xfs] 32678f1513: aim7.jobs-per-min -5.6% regression kernel test robot
2022-05-06 21:29 ` Dave Chinner
2022-05-07 11:09 ` [LKP] " Carel Si
2022-05-09 0:03 ` Dave Chinner
2022-05-02 8:20 ` [PATCH 2/4] xfs: validate inode fork size against fork format Dave Chinner
2022-05-03 14:55 ` Christoph Hellwig
2022-05-03 22:55 ` Darrick J. Wong
2022-05-02 8:20 ` [PATCH 3/4] xfs: set XFS_FEAT_NLINK correctly Dave Chinner
2022-05-03 14:56 ` Christoph Hellwig
2022-05-03 22:55 ` Darrick J. Wong
2022-05-02 8:20 ` [PATCH 4/4] xfs: validate v5 feature fields Dave Chinner
2022-05-02 9:44 ` kernel test robot
2022-05-02 12:37 ` kernel test robot
2022-05-03 15:00 ` Christoph Hellwig
2022-05-03 21:26 ` Dave Chinner
2022-05-03 22:59 ` Darrick J. Wong
2022-05-03 23:18 ` Dave Chinner
2022-05-03 23:28 ` Darrick J. Wong
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220502082018.1076561-1-david@fromorbit.com \
--to=david@fromorbit.com \
--cc=linux-xfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox