From: Jan Kara
To: Ted Tso
Cc: Jan Kara, syzbot+9c1fe13fcb51574b249b@syzkaller.appspotmail.com, Hugh Dickins
Subject: [PATCH] ext4: Avoid writing unitialized memory to disk in EA inodes
Date: Thu, 13 Jun 2024 17:02:34 +0200
Message-Id: <20240613150234.25176-1-jack@suse.cz>
X-Mailing-List: linux-ext4@vger.kernel.org

If the extended attribute size is not a multiple of block size, the last block in the EA inode will have an uninitialized tail which will get written to disk. We will never expose the data to userspace but still this is not a good practice so just zero out the tail of the block as it isn't going to cause a noticeable performance overhead.

Fixes: e50e5129f384 ("ext4: xattr-in-inode support")
Reported-by: syzbot+9c1fe13fcb51574b249b@syzkaller.appspotmail.com
Reported-by: Hugh Dickins
Signed-off-by: Jan Kara
--- fs/ext4/xattr.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/fs/ext4/xattr.c b/fs/ext4/xattr.c index 6460879b9fcb..46ce2f21fef9 100644 --- a/fs/ext4/xattr.c +++ b/fs/ext4/xattr.c @@ -1433,6 +1433,12 @@ static int ext4_xattr_inode_write(handle_t *handle, struct inode *ea_inode, goto out; memcpy(bh->b_data, buf, csize); + /* + * Zero out block tail to avoid writing uninitialized memory + * to disk. + */ + if (csize < blocksize) + memset(bh->b_data + csize, 0, blocksize - csize); set_buffer_uptodate(bh); ext4_handle_dirty_metadata(handle, ea_inode, bh); -- 2.35.3
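
Review bot: The `if (csize < blocksize)` guard in the added block after `memcpy(bh->b_data, buf, csize);` is not needed for correctness, because `memset()` with a length of zero is a no-op; it only skips a call on full blocks. It also depends on `csize` never exceeding `blocksize`, which the preceding `memcpy()` into `bh->b_data` already relies on but which is established outside the visible context, so a short mention of that bound in the new comment would make the unsigned `blocksize - csize` obviously safe to a later reader. Separately, the commit message could say that the stale bytes, although not returned to userspace, are kernel memory persisted to the device and present in any raw image of it; with a Fixes: tag and no Cc: stable trailer visible, consider adding one so the zeroing reaches older kernels.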