Linux-Fsdevel Archive on lore.kernel.org
 help / color / Atom feed
* [PATCH 0/6] fs/minix: fix syzbot bugs and set s_maxbytes
@ 2020-06-28  6:08 Eric Biggers
  2020-06-28  6:08 ` [PATCH 1/6] fs/minix: check return value of sb_getblk() Eric Biggers
                   ` (6 more replies)
  0 siblings, 7 replies; 10+ messages in thread
From: Eric Biggers @ 2020-06-28  6:08 UTC (permalink / raw)
  To: linux-fsdevel, Alexander Viro, Andrew Morton; +Cc: linux-kernel, Qiujun Huang

This series fixes all syzbot bugs in the minix filesystem:

	KASAN: null-ptr-deref Write in get_block
	KASAN: use-after-free Write in get_block
	KASAN: use-after-free Read in get_block
	WARNING in inc_nlink
	KMSAN: uninit-value in get_block
	WARNING in drop_nlink

It also fixes the minix filesystem to set s_maxbytes correctly, so that
userspace sees the correct behavior when exceeding the max file size.

Al or Andrew: one of you will need to take these patches, since no one
is maintaining this filesystem.


Eric Biggers (6):
  fs/minix: check return value of sb_getblk()
  fs/minix: don't allow getting deleted inodes
  fs/minix: reject too-large maximum file size
  fs/minix: set s_maxbytes correctly
  fs/minix: fix block limit check for V1 filesystems
  fs/minix: remove expected error message in block_to_path()

 fs/minix/inode.c        | 42 +++++++++++++++++++++++++++++++++++++----
 fs/minix/itree_common.c |  8 +++++++-
 fs/minix/itree_v1.c     | 12 ++++++------
 fs/minix/itree_v2.c     | 13 ++++++-------
 fs/minix/minix.h        |  1 -
 5 files changed, 57 insertions(+), 19 deletions(-)

-- 
2.27.0


^ permalink raw reply	[flat|nested] 10+ messages in thread

end of thread, back to index

Thread overview: 10+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-06-28  6:08 [PATCH 0/6] fs/minix: fix syzbot bugs and set s_maxbytes Eric Biggers
2020-06-28  6:08 ` [PATCH 1/6] fs/minix: check return value of sb_getblk() Eric Biggers
2020-07-07 19:26   ` Andrew Morton
2020-07-07 20:34     ` Eric Biggers
2020-06-28  6:08 ` [PATCH 2/6] fs/minix: don't allow getting deleted inodes Eric Biggers
2020-06-28  6:08 ` [PATCH 3/6] fs/minix: reject too-large maximum file size Eric Biggers
2020-06-28  6:08 ` [PATCH 4/6] fs/minix: set s_maxbytes correctly Eric Biggers
2020-06-28  6:08 ` [PATCH 5/6] fs/minix: fix block limit check for V1 filesystems Eric Biggers
2020-06-28  6:08 ` [PATCH 6/6] fs/minix: remove expected error message in block_to_path() Eric Biggers
2020-07-07 17:14 ` [PATCH 0/6] fs/minix: fix syzbot bugs and set s_maxbytes Eric Biggers

Linux-Fsdevel Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-fsdevel/0 linux-fsdevel/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-fsdevel linux-fsdevel/ https://lore.kernel.org/linux-fsdevel \
		linux-fsdevel@vger.kernel.org
	public-inbox-index linux-fsdevel

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-fsdevel


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git