Date: Wed, 5 Feb 2025 13:26:18 +0100
From: Mateusz Guzik
To: syzbot
Cc: akpm@linux-foundation.org, brauner@kernel.org, gustavoars@kernel.org, kees@kernel.org, linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org, syzkaller-bugs@googlegroups.com, tytso@mit.edu
Subject: Re: [syzbot] [hardening?] [mm?] BUG: bad usercopy in vfs_readlink
In-Reply-To: <67a1e1f4.050a0220.163cdc.0063.GAE@google.com>

On Tue, Feb 04, 2025 at 01:46:28AM -0800, syzbot wrote:
> Hello,
>
> syzbot found the following issue on:
>
> HEAD commit: 69b8923f5003 Merge tag 'for-linus-6.14-ofs4' of git://git...
> git tree: upstream
> console+strace: https://syzkaller.appspot.com/x/log.txt?x=1258aeb0580000
> kernel config: https://syzkaller.appspot.com/x/.config?x=57ab43c279fa614d
> dashboard link: https://syzkaller.appspot.com/bug?extid=48a99e426f29859818c0
> compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=15825724580000
> C reproducer: https://syzkaller.appspot.com/x/repro.c?x=1658aeb0580000
>

#syz test upstream master

diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c index 7c54ae5fcbd4..30cff983e601 100644 --- a/fs/ext4/inode.c +++ b/fs/ext4/inode.c 
@@ -5010,7 +5010,7 @@ struct inode *__ext4_iget(struct super_block *sb, unsigned long ino, nd_terminate_link(ei->i_data, inode->i_size, sizeof(ei->i_data) - 1); inode_set_cached_link(inode, (char *)ei->i_data, - inode->i_size); + strlen((char *)ei->i_data)); } else { inode->i_op = &ext4_symlink_inode_operations; }
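
Review bot: in the __ext4_iget hunk, passing strlen((char *)ei->i_data) silently accepts an inode whose i_size disagrees with the string actually stored in i_data, so the cached link length and inode->i_size can now differ with no diagnostic. Consider comparing the two and treating a mismatch as an inconsistent on-disk inode (or at least warning), rather than only shortening the cached length. The strlen() is bounded only because of the nd_terminate_link(ei->i_data, inode->i_size, sizeof(ei->i_data) - 1) call directly above it; a one-line comment stating that dependency would keep a later reorder from turning it into an unterminated read. As a "#syz test" patch this carries no changelog; a version meant for merging should explain why i_size cannot be trusted as the link length here.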