[Bug 200465] null ptr dereference in fscrypt_do_page_crypto() when operating a file on a corrupted f2fs image

[Bug 200465] null ptr dereference in fscrypt_do_page_crypto() when operating a file on a corrupted f2fs image

[bugzilla-daemon]

https://bugzilla.kernel.org/show_bug.cgi?id=200465

Chao Yu (chao@kernel.org) changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |ASSIGNED
                 CC|                            |chao@kernel.org
          Component|Other                       |f2fs
           Assignee|fs_other@kernel-bugs.osdl.o |filesystem_f2fs@kernel-bugs
                   |rg                          |.kernel.org

--- Comment #1 from Chao Yu (chao@kernel.org) ---
Wen Xu,

I didn't see encryption feature is on in uploaded image, but actually, our
stack is stuck in decrypting flow, could you check the image again?

Info: superblock features = 0 :

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot

[Bug 200465] null ptr dereference in fscrypt_do_page_crypto() when operating a file on a corrupted f2fs image

[bugzilla-daemon]

https://bugzilla.kernel.org/show_bug.cgi?id=200465

Steve Beattie (sbeattie@ubuntu.com) changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |sbeattie@ubuntu.com

--- Comment #2 from Steve Beattie (sbeattie@ubuntu.com) ---
This was assigned CVE-2018-14616 (see
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14616).

Chao, is it correct that the fix for this issue landed as
https://git.kernel.org/linus/91291e9998d208370eb8156c760691b873bd7522 ? Or are
additional fixes needed?

Thanks!

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

[Bug 200465] null ptr dereference in fscrypt_do_page_crypto() when operating a file on a corrupted f2fs image

[bugzilla-daemon]

https://bugzilla.kernel.org/show_bug.cgi?id=200465

--- Comment #3 from Chao Yu (chao@kernel.org) ---
Steve,

I figure out that patch to solve issue which I encounter with image attached by
Wen Xu, the bug can be triggered with below scripts:
- mount image /mnt/f2fs/
- cd /mnt/f2fs/foo/bar/
- ls -l

After applying that patch, the problem was gone.

But when the bug triggeres, related call stack is not the same as reported one,
also I can't reproduce reported call stack with the method provided from Wen
Xu.

I guess the right producing way is adding master key for encrypted file, I'd
like to confirm with Wen Xu.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

[Bug 200465] null ptr dereference in fscrypt_do_page_crypto() when operating a file on a corrupted f2fs image

[bugzilla-daemon]

https://bugzilla.kernel.org/show_bug.cgi?id=200465

--- Comment #4 from Wen Xu (wen.xu@gatech.edu) ---
(In reply to Chao Yu from comment #3)
> Steve,
> 
> I figure out that patch to solve issue which I encounter with image attached
> by Wen Xu, the bug can be triggered with below scripts:
> - mount image /mnt/f2fs/
> - cd /mnt/f2fs/foo/bar/
> - ls -l
> 
> After applying that patch, the problem was gone.
> 
> But when the bug triggeres, related call stack is not the same as reported
> one, also I can't reproduce reported call stack with the method provided
> from Wen Xu.
> 
> I guess the right producing way is adding master key for encrypted file, I'd
> like to confirm with Wen Xu.

Hi Chao,

Sorry for a late reply! Eh the first thing is that I never did anything like
adding master key for encrypted file. Second, I feel I pasted wrong
(mismatched) kernel message/PoC...but unfortunately I do not have a local copy
on my laptop now.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

[Bug 200465] null ptr dereference in fscrypt_do_page_crypto() when operating a file on a corrupted f2fs image

[bugzilla-daemon]

https://bugzilla.kernel.org/show_bug.cgi?id=200465

Chao Yu (chao@kernel.org) changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|ASSIGNED                    |NEEDINFO

--- Comment #5 from Chao Yu (chao@kernel.org) ---
(In reply to Wen Xu from comment #4)
> (In reply to Chao Yu from comment #3)
> > Steve,
> > 
> > I figure out that patch to solve issue which I encounter with image
> attached
> > by Wen Xu, the bug can be triggered with below scripts:
> > - mount image /mnt/f2fs/
> > - cd /mnt/f2fs/foo/bar/
> > - ls -l
> > 
> > After applying that patch, the problem was gone.
> > 
> > But when the bug triggeres, related call stack is not the same as reported
> > one, also I can't reproduce reported call stack with the method provided
> > from Wen Xu.
> > 
> > I guess the right producing way is adding master key for encrypted file,
> I'd
> > like to confirm with Wen Xu.
> 
> Hi Chao,
> 
> Sorry for a late reply! Eh the first thing is that I never did anything like
> adding master key for encrypted file. Second, I feel I pasted wrong
> (mismatched) kernel message/PoC...but unfortunately I do not have a local
> copy on my laptop now.

Hi Wen,

Oops, if you got another similar kernel message, please let me know.

BTW, let me tag status of this issue as NEEDINFO

-- 
You are receiving this mail because:
You are watching the assignee of the bug.