Re: [PATCH 2/2] fstests: test dirty pipe vulnerability issue of CVE-2022-0847




On Tue, Mar 22, 2022 at 08:30:02PM +0800, Zorro Lang wrote:
> On Tue, Mar 22, 2022 at 04:35:55PM +1100, Dave Chinner wrote:
> > On Mon, Mar 21, 2022 at 07:03:41PM +0800, Zorro Lang wrote:
> > > diff --git a/tests/generic/999 b/tests/generic/999
> > > new file mode 100755
> > > index 00000000..2488e455
> > > --- /dev/null
> > > +++ b/tests/generic/999
> > > @@ -0,0 +1,54 @@
> > > +#! /bin/bash
> > > +# SPDX-License-Identifier: GPL-2.0
> > > +# Copyright (c) 2022 Red Hat, Inc.  All Rights Reserved.
> > > +#
> > > +# FS QA Test No. 999
> > > +#
> > > +# Test for the Dirty Pipe vulnerability (CVE-2022-0847) caused by an
> > > +# uninitialized  "pipe_buffer.flags" variable, which fixed by:
> > > +#   9d2231c5d74e ("lib/iov_iter: initialize "flags" in new pipe_buffer")
> > > +#
> > > +. ./common/preamble
> > > +_begin_fstest auto quick
> > > +
> > > +_cleanup()
> > > +{
> > > +	cd /
> > > +	rm -f $tmp.*
> > > +	rm -f $TEST_DIR/testfile.$seq
> > > +}
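
Review bot: The header comment reads "which fixed by", which is missing "was", and there is a doubled space after "uninitialized"; suggest `# uninitialized "pipe_buffer.flags" variable, which was fixed by:`. In `_cleanup()`, `rm -f $TEST_DIR/testfile.$seq` expands the path unquoted, so a TEST_DIR containing whitespace would be word-split; quoting the argument avoids that if the custom cleanup is kept.
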
> > 
> > Just leave the test file lying around so this can use the default
> > cleanup method. The test device is supposed to gather random
> > cruft as tests run....
> 
> Got that, I'll keep this file and switch to the default _cleanup.
> 
> > 
> > > +
> > > +# real QA test starts here
> > > +_supported_fs generic
> > > +_require_test
> > > +_require_user
> > > +_require_chmod
> > > +_require_test_program "splice2pipe"
> > > +
> > > +localfile=$TEST_DIR/testfile.$seq
> > 
> > .... and remove the file here as part of test setup with:
> > 
> > rm -f $localfile
> 
> Just curious, I've used the xfs_io "-t" option to truncate $localfile before testing:
> $XFS_IO_PROG -f -t -c "pwrite 0 4k -S 0xff" $localfile
> 
> Can that be used instead of the "rm -f $localfile"?

Open-and-truncate isn't safe here because some other (buggy) test might
run 'mkfifo $TEST_DIR/testfile.XXX' and now opening the pipe will hang
fstests.  It's ok for the scratch fs because you have to mkfs it, but as
Dave said, the test fs slowly accumulates cruft over time.

--D

> (As both patches need to change, I'd like to change the 1st patch's g/404 together in the next
> version of the patch, if there is no objection)
> 
> Thanks,
> Zorro
> 
> > 
> > Otherwise looks fine.
> > 
> > Cheers,
> > 
> > Dave.
> > -- 
> > Dave Chinner
> > david@xxxxxxxxxxxxx
> > 
> 
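
The failure mode raised in the reply above, as an added example that is not part of the thread or of fstests: a write-only open-and-truncate (plain shell redirection standing in for the tool the test uses) blocks on a FIFO left at the test path, while removing the path first does not. The function names, the 2-second bound and the temporary path are assumptions made for the illustration.

```shell
#!/bin/bash
# Added illustration; names and paths are hypothetical, not taken from fstests.

# Open-and-truncate via shell redirection (O_WRONLY|O_CREAT|O_TRUNC), bounded
# by a 2s timeout so a blocking open is reported instead of hanging the run.
# Returns 0 if the open completed, 124 if it was still blocked at the timeout.
open_truncate() {
	timeout 2 sh -c ': > "$1"' sh "$1"
}

# Setup in the order suggested in the review: unlink whatever sits at the
# path, whatever its type, then create the file.
remove_then_create() {
	rm -f "$1"
	open_truncate "$1"
}

# Constructed scenario: an earlier test left a FIFO at the path this test uses.
demo() {
	local dir stale rc_trunc rc_rm kind
	dir=$(mktemp -d) || return 1
	stale=$dir/testfile.999
	mkfifo "$stale"

	# No reader ever opens the FIFO, so the write-only open never returns.
	rc_trunc=0
	open_truncate "$stale" || rc_trunc=$?

	# After rm -f the path is gone and the redirection creates a regular file.
	rc_rm=0
	remove_then_create "$stale" || rc_rm=$?

	kind=other
	[ -f "$stale" ] && kind=regular
	echo "truncate_rc=$rc_trunc rm_rc=$rc_rm kind=$kind"
	rm -rf "$dir"
}
```

Calling `demo` prints one summary line with the two exit codes and the resulting file type.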


