Commit Graph

9 Commits

Author SHA1 Message Date
Kees Cook
5d299f44d7 jfs: Avoid field-overflowing memcpy()
In preparation for FORTIFY_SOURCE performing compile-time and run-time
field array bounds checking for memcpy(), memmove(), and memset(),
avoid intentionally writing across neighboring fields.

Introduce more unions to cover the full inline data section, so that the
entire 256 bytes can be addressed by memcpy() without thinking it is
crossing field boundaries. Additionally adjusts dir memcpy() to use
existing union names to get the same coverage.

diffoscope shows there are no binary differences before/after excepting
the name of the initcall, which is line number based:

$ diffoscope --exclude-directory-metadata yes before/fs after/fs
 --- before/fs
 +++ after/fs
 │   --- before/fs/jfs
 ├── +++ after/fs/jfs
 │ │   --- before/fs/jfs/super.o
 │ ├── +++ after/fs/jfs/super.o
 │ │ ├── readelf --wide --symbols {}
 │ │ │ @@ -2,15 +2,15 @@
 │ │ │  Symbol table '.symtab' contains 158 entries:
 │ │ │     Num:    Value          Size Type    Bind   Vis      Ndx Name
 ...
 │ │ │ -     5: 0000000000000000     0 NOTYPE  LOCAL  DEFAULT    6 __initcall__kmod_jfs__319_1049_ini
 t_jfs_fs6
 │ │ │ +     5: 0000000000000000     0 NOTYPE  LOCAL  DEFAULT    6 __initcall__kmod_jfs__319_1050_ini
 t_jfs_fs6
...

Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Dave Kleikamp <dave.kleikamp@oracle.com>
2021-06-23 09:21:52 -05:00
Miklos Szeredi
2ca58e30b1 jfs: convert to fileattr
Use the fileattr API to let the VFS handle locking, permission checking and
conversion.

Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Cc: Dave Kleikamp <shaggy@kernel.org>
2021-04-12 15:04:29 +02:00
Thomas Gleixner
1a59d1b8e0 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156
Based on 1 normalized pattern(s):

  this program is free software you can redistribute it and or modify
  it under the terms of the gnu general public license as published by
  the free software foundation either version 2 of the license or at
  your option any later version this program is distributed in the
  hope that it will be useful but without any warranty without even
  the implied warranty of merchantability or fitness for a particular
  purpose see the gnu general public license for more details you
  should have received a copy of the gnu general public license along
  with this program if not write to the free software foundation inc
  59 temple place suite 330 boston ma 02111 1307 usa

extracted by the scancode license scanner the SPDX license identifier

  GPL-2.0-or-later

has been chosen to replace the boilerplate/reference in 1334 file(s).

Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Allison Randal <allison@lohutok.net>
Reviewed-by: Richard Fontana <rfontana@redhat.com>
Cc: linux-spdx@vger.kernel.org
Link: https://lkml.kernel.org/r/20190527070033.113240726@linutronix.de
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2019-05-30 11:26:35 -07:00
Kees Cook
961b33c244 jfs: Fix usercopy whitelist for inline inode data
Bart Massey reported what turned out to be a usercopy whitelist false
positive in JFS when symlink contents exceeded 128 bytes. The inline
inode data (i_inline) is actually designed to overflow into the "extended
area" following it (i_inline_ea) when needed. So the whitelist needed to
be expanded to include both i_inline and i_inline_ea (the whole size
of which is calculated internally using IDATASIZE, 256, instead of
sizeof(i_inline), 128).

$ cd /mnt/jfs
$ touch $(perl -e 'print "B" x 250')
$ ln -s B* b
$ ls -l >/dev/null

[  249.436410] Bad or missing usercopy whitelist? Kernel memory exposure attempt detected from SLUB object 'jfs_ip' (offset 616, size 250)!

Reported-by: Bart Massey <bart.massey@gmail.com>
Fixes: 8d2704d382 ("jfs: Define usercopy region in jfs_ip slab cache")
Cc: Dave Kleikamp <shaggy@kernel.org>
Cc: jfs-discussion@lists.sourceforge.net
Cc: stable@vger.kernel.org
Signed-off-by: Kees Cook <keescook@chromium.org>
2018-08-04 07:53:46 -07:00
Andi Kleen
ef1fc2f01e BKL-removal: Implement a compat_ioctl handler for JFS
The ioctls were already compatible except for the actual values so this
was fairly easy to do.

Signed-off-by: Andi Kleen <ak@suse.de>
Signed-off-by: Dave Kleikamp <shaggy@linux.vnet.ibm.com>
2008-02-07 13:45:29 -06:00
Dave Kleikamp
f720e3ba55 JFS: Whitespace cleanup and remove some dead code
Signed-off-by: Dave Kleikamp <shaggy@linux.vnet.ibm.com>
2007-06-06 15:28:35 -05:00
Dave Kleikamp
63f83c9fcf JFS: White space cleanup
Removed trailing spaces & tabs, and spaces preceding tabs.
Also a couple very minor comment cleanups.

Signed-off-by: Dave Kleikamp <shaggy@austin.ibm.com>
(cherry picked from f74156539964d7b3d5164fdf8848e6a682f75b97 commit)
2006-10-02 09:55:27 -05:00
Herbert Poetzl
fa3241d24c JFS: ext2 inode attributes for jfs
ext2 inode attributes with relevance for jfs:

'a' 	EXT2_APPEND_FL       -> append only
'i' 	EXT2_IMMUTABLE_FL    -> immutable file
's' 	EXT2_SECRM_FL	     -> zero file
'u' 	EXT2_UNRM_FL	     -> allow for unrm
'A' 	EXT2_NOATIME_FL      -> no access time
'D' 	EXT2_DIRSYNC_FL      -> dirsync
'S' 	EXT2_SYNC_FL	     -> sync

overview of jfs flags (partially for OS/2)

value	   (OS/2)	Linux	ext2 attrs
------------------------------------------------
0x00010000 IFJOURNAL	-
0x00020000 ISPARSE  	used
0x00040000 INLINEEA 	used
0x00080000 -	    	-	JFS_NOATIME_FL

0x00100000 -	    	-	JFS_DIRSYNC_FL
0x00200000 -	    	-	JFS_SYNC_FL
0x00400000 -	    	-	JFS_SECRM_FL
0x00800000 ISWAPFILE	-	JFS_UNRM_FL

0x01000000 -	    	-	JFS_APPEND_FL
0x02000000 IREADONLY	-	JFS_IMMUTABLE_FL
0x04000000 IHIDDEN  	-	-
0x08000000 ISYSTEM  	-	-

0x10000000 -	    	-
0x20000000 IDIRECTORY	used
0x40000000 IARCHIVE 	-
0x80000000 INEWNAME 	-

the implementation is straight forward, except
for the fact that the attributes have to be mapped
to match with the ext2 ones to avoid a separate
tool for manipulating them (this could be avoided
when using a separate flag field in the on-disk
representation, but the overhead is minimal)

a special jfs_ioctl is added to allow for the new
JFS_IOC_GETFLAGS and JFS_IOC_SETFLAGS calls.

a helper function jfs_set_inode_flags() to transfer
the flags from the on-disk version to the inode

minor changes to allow flag inheritance on inode
creation, as well as a cleanup of the on-disk
flags (including the new ones)

beforementioned helper to map between ext2 and jfs
versions of the new flags ...

the JFS_SECRM_FL and JFS_UNRM_FL are not done yet
and I'm not 100% sure they are worth the effort,
the rest seems to work out of the box ...

Signed-off-by: Herbert Poetzl <herbert@13thfloor.at>
Signed-off-by: Dave Kleikamp <shaggy@austin.ibm.com>
2006-02-09 09:09:16 -06:00
Linus Torvalds
1da177e4c3 Linux-2.6.12-rc2
Initial git repository build. I'm not bothering with the full history,
even though we have it. We can create a separate "historical" git
archive of that later if we want to, and in the meantime it's about
3.2GB when imported into git - space that would just make the early
git days unnecessarily complicated, when we don't have a lot of good
infrastructure for it.

Let it rip!
2005-04-16 15:20:36 -07:00