[PATCH 0/2] [SRU][X/master] squashfs hardening
Paolo Pisati
paolo.pisati at canonical.com
Tue Feb 19 14:32:29 UTC 2019
"There are a number of squashfs hardening fixes. They don't have CVE number
assigned but it would be good to backport the fixes to harden our kernel against
malicious squashfs images. Snaps are simply squashfs images so an attacker could
craft a malicious snap and attack the kernel of end users that install their
crafted snaps."
Patch 0001 required a rename s/PAGE_SIZE/PAGE_CACHE_SIZE/g[*], patch 0002 is a
clean cherry pick - the othe patches that i previously submitted to
Bionic/master, already landed as part of upstream SRU.
*: see 09cbfeaf1a5a67bfb3201e0c83c810cecb2efa5a for more info wrt PAGE_SIZE vs
PAGE_CACHE_SIZE - they are essentially the same, PAGE_CACHE_SIZE was never
*really* used since it was always assumed to be equale to PAGE_SIZE so it was
retired, etc.
Linus Torvalds (1):
squashfs metadata 2: electric boogaloo
Phillip Lougher (1):
Squashfs: Compute expected length from inode size rather than block
length
fs/squashfs/file.c | 50 ++++++++++++++++++++++++++---------------------
fs/squashfs/file_cache.c | 4 ++--
fs/squashfs/file_direct.c | 24 +++++++++++------------
fs/squashfs/squashfs.h | 3 ++-
4 files changed, 44 insertions(+), 37 deletions(-)
--
2.7.4
More information about the kernel-team
mailing list