lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 05 Dec 2012 18:02:40 +0900
From:	OGAWA Hirofumi <hirofumi@...l.parknet.co.jp>
To:	Namjae Jeon <linkinjeon@...il.com>
Cc:	akpm@...ux-foundation.org, linux-fsdevel@...r.kernel.org,
	linux-kernel@...r.kernel.org,
	Namjae Jeon <namjae.jeon@...sung.com>,
	Ravishankar N <ravi.n1@...sung.com>,
	Amit Sahrawat <a.sahrawat@...sung.com>
Subject: Re: [PATCH v5 7/8] fat (exportfs): rebuild directory-inode if fat_dget() fails

Namjae Jeon <linkinjeon@...il.com> writes:

>>>> This became much better than before. However, we have to consolidate the
>>>> code with fat_search_long() finally.
>>>>
>>>> E.g. this version is having the issue already fixed. If there is
>>>> corruption in fat cluster-chain, it lead to infinite
>>>> loop. fat_get_cluster() checks infinite loop by limit.
>>> since, the focus this time was for NFS functionality for FAT (removing
>>> ESTALE error). The changes were made in that context.
>>>
>>> Later, we can make the changes as part of code reorganizing which can
>>> be controlled via. Separate patches which do not have any impact on
>>> default functionality and verification can be carried out in that
>>> scope.
>>
>> Right. But non-production code shouldn't go into linus tree. I meant, we
>> can test this patch series, but not yet production quality.
> Is there any other thing which seems potential issue than offsetof()?
> if yes, which problem didn't lead to production quality do you think ?
>
> +#define FAT_FID_SIZE_WITHOUT_PARENT (offsetof(struct fat_fid, \
> +					      parent_i_pos_hi)/4)
> Since this expression does not result proper integer value, so will it
> be correct to directly put the value like
> +#define FAT_FID_SIZE_WITHOUT_PARENT 3

The issue is what I explained in the above "E.g.".

Directory traversal logic should be consolidate with fat_search_log().
Otherwise, like this nfs implement, we will introduce already-fixed-problem
again. And we will be bothered to fix same issue in future.
-- 
OGAWA Hirofumi <hirofumi@...l.parknet.co.jp>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ