On Thu, Jul 20, 2023 at 05:27:57PM +0200, Dmitry Vyukov wrote: > On Thu, 5 Jan 2023 at 17:45, Viacheslav Dubeyko <slava@xxxxxxxxxxx> wrote: > > > On Wed, Jan 04, 2023 at 08:37:16PM -0800, Viacheslav Dubeyko wrote: > > >> Also, as far as I can see, available volume in report (mount_0.gz) somehow corrupted already: > > > > > > Syzbot generates deliberately-corrupted (aka fuzzed) filesystem images. > > > So basically, you can't trust anything you read from the disc. > > > > > > > If the volume has been deliberately corrupted, then no guarantee that file system > > driver will behave nicely. Technically speaking, inode write operation should never > > happened for corrupted volume because the corruption should be detected during > > b-tree node initialization time. If we would like to achieve such nice state of HFS/HFS+ > > drivers, then it requires a lot of refactoring/implementation efforts. I am not sure that > > it is worth to do because not so many guys really use HFS/HFS+ as the main file > > system under Linux. > > > Most popular distros will happily auto-mount HFS/HFS+ from anything > inserted into USB (e.g. what one may think is a charger). This creates > interesting security consequences for most Linux users. > An image may also be corrupted non-deliberately, which will lead to > random memory corruptions if the kernel trusts it blindly. Then we should delete the HFS/HFS+ filesystems. They're orphaned in MAINTAINERS and if distros are going to do such a damnfool thing, then we must stop them.
