lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Mon, 13 Mar 2017 10:54:53 +0000
From:   "Reshetova, Elena" <elena.reshetova@...el.com>
To:     "dsterba@...e.cz" <dsterba@...e.cz>
CC:     "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "linux-fsdevel@...r.kernel.org" <linux-fsdevel@...r.kernel.org>,
        "linux-btrfs@...r.kernel.org" <linux-btrfs@...r.kernel.org>,
        "peterz@...radead.org" <peterz@...radead.org>,
        "gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org>,
        "jbacik@...com" <jbacik@...com>, "clm@...com" <clm@...com>,
        "dsterba@...e.com" <dsterba@...e.com>
Subject: RE: [PATCH 00/17] fs, btrfs refcount conversions


> On Fri, Mar 03, 2017 at 10:55:09AM +0200, Elena Reshetova wrote:
> > Now when new refcount_t type and API are finally merged
> > (see include/linux/refcount.h), the following
> > patches convert various refcounters in the btrfs filesystem from atomic_t
> > to refcount_t. By doing this we prevent intentional or accidental
> > underflows or overflows that can led to use-after-free vulnerabilities.
> >
> > The below patches are fully independent and can be cherry-picked separately.
> > Since we convert all kernel subsystems in the same fashion, resulting
> > in about 300 patches, we have to group them for sending at least in some
> > fashion to be manageable. Please excuse the long cc list.
> 
> Thanks, the patchset looks good to me, I'm going to add it to the 4.12 queue.

Thank you very much!

> 
> > These patches have been tested with xfstests by running btrfs-related tests.
> > btrfs debug was enabled, warns on refcount errors, too. No output related to
> > refcount errors produced. However, the following errors were during the run:
> >  * tests btrfs/078, btrfs/114, btrfs/115, no errors anywhere in dmesg, but
> >  process hangs. They all seem to be around qgroup, sometimes error visible
> >  such as qgroup scan failed -4 before it blocks, but not always.
> >  * test btrfs/104 dmesg has additional error output:
> >  BTRFS warning (device vdc): qgroup 258 reserved space underflow, have: 0,
> >  to free: 4096
> >  I tried looking at the code on what causes the failure, but could not figure
> >  it out. It doesn't seem to be related to any refcount changes at least IMO.
> >
> > The above test failures are hard for me to understand and interpreted, but
> > they don't seem to relate to refcount conversions.
> 
> I don't think they're related to the refcount updates so we'll address
> them.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ