lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Sun, 3 Jun 2007 11:22:44 +0400
From:	Cyrill Gorcunov <gorcunov@...il.com>
To:	Andrew Morton <akpm@...ux-foundation.org>
Cc:	Eric Sandeen <sandeen@...deen.net>, Jan Kara <jack@...e.cz>,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH 2/2] Fix possible leakage of blocks in UDF

[Cyrill Gorcunov - Sun, Jun 03, 2007 at 10:28:40AM +0400]
| [Andrew Morton - Sat, Jun 02, 2007 at 03:49:42PM -0700]
| | On Sun, 3 Jun 2007 00:01:46 +0400 Cyrill Gorcunov <gorcunov@...il.com> wrote:
| | 
| | > [Andrew Morton - Sat, Jun 02, 2007 at 12:16:16PM -0700]
| | > [...snip...]
| | > | 
| | > | No, the problem is that the patch caused the kernel to take inode_lock
| | > | within the newly-added drop_inode(), btu drop_inode() is already called
| | > | under inode_lock.
| | > | 
| | > | It has nothing to do with lock_kernel() and it has nothing to do with
| | > | sleeping.
| | > | 
| | > 
| | > Andrew, the only call that could leading to subseq. inode_lock lock
| | > is mark_inode_dirty() I guess (and that is snown by Eric's dump)
| | > but as I shown you in my dbg print without SMP it's OK. So
| | > is it SMP who lead to lock? How it depends on it? (I understand
| | > that is a stupid question for you but if you have time explain
| | > me this please ;)
| | > 
| | 
| | When CONFIG_SMP=n, spin_lock() is a no-op.  (Except with CONFIG_PREEMPT=y,
| | in which case spin_lock() will disable kernel preemption on SMP and non-SMP
| | kernels)
| | 
| | When CONFIG_SMP=y, spin_lock() really does take a lock.  But if this thread
| | already holds this lock, we'll deadlock.
| | 
| 
| Thanks, Andrew. So the reason that raises lock problem is the calling of
| mark_inode_dirty() inside drop_inode() (by indirection). And I see two way
| of solution:
| 
| - or check for inode->i_count at each mark_inode_dirty that being called
|   after drop_inode
| 
| 		if (inode->i_count > 0)
| 				mark_inode_dirty()
| 
| - or wrap mark_inode_dirty as
| 
| 	udf_mark_inode_dirty()
| 	{
- 		if (inode->i_count > 0)
+		if (atomic_read(&inode->i_count) > 0)
| 			mark_inode_dirty();
| 	}
| 
| 	and replace all mark_inode_dirty -> udf_mark_inode_dirty
| 
| Your thoughts?
| 
| 		Cyrill
| 


		Cyrill

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ