lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Sun, 7 Jan 2018 16:04:46 -0500
From:   Theodore Ts'o <tytso@....edu>
To:     Eric Biggers <ebiggers3@...il.com>
Cc:     linux-fsdevel@...r.kernel.org, linux-ext4@...r.kernel.org,
        Andrew Morton <akpm@...ux-foundation.org>,
        Eric Biggers <ebiggers@...gle.com>, Jan Kara <jack@...e.cz>,
        Jiang Biao <jiang.biao2@....com.cn>
Subject: Re: [PATCH] Revert "fs/mbcache.c: make count_objects() more robust"

On Sat, Jan 06, 2018 at 10:06:54AM -0800, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@...gle.com>
> 
> This reverts commit d5dabd633922ac5ee5bcc67748f7defb8b211469.
> 
> This patch did absolutely nothing, because ->c_entry_count is unsigned.
> 
> In addition if there is a bug in how mbcache maintains its entry count,
> it needs to be fixed, not just hacked around.  (There is no obvious bug,
> though.)

Right, if we're going to add a check, we should be checking to make
sure cache->c_entry_count is not zero before we decrement it in
mb_cache_entry_delete().

I will note that it's quite possible the error is in do_shrink_slab()
--- it's already dodgy that it assigns an unsigned long from
shrinker->count_objects to a signed long.  Then it multiplies it by (4
* nr_scanned) / shrinker->seeks.  So there are plenty of opportunities
to get the "negative objects to delete" message that has nothing to do
with value returned from mb_cache_count().

Regards,

					- Ted

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ