lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 29 May 2007 22:26:44 +0100 (BST)
From:	Daniel Drake <ddrake@...ntes3d.com>
To:	tytso@....edu
Cc:	linux-ext4@...r.kernel.org
Subject: [RESEND e2progs] get_backup_sb: Consider block size when searching for backups

I sent this in a few weeks ago, and it hasn't been applied to the hg tree.
Any comments? Thanks.



I've been investigating why e2fsck refuses to restore the backup superblock
of a partition with a broken primary superblock.

The partition in question has a block size of 4096, and mke2fs reports that
backup superblocks were created on blocks 32768, 98304, 163840, ...

When running e2fsck, get_backup_sb starts by guessing a block size of 1024
and backup superblock at block 8193. I'm not sure why, but it actually finds
a superblock at this location, so returns a context with superblock 8193,
blocksize 1024. 

Later on, ext2fs_open2() tries to process this superblock. It then realises
that the block size value stored in the superblock (4096) does not match what
it was told (1024), so it bails out with EXT2_ET_UNEXPECTED_BLOCK_SIZE. fsck
aborts without fixing the partition.

The following patch solves the problem by discounting superblocks which do
not meet the currently-sought block size.
As a result, block 32768 (blocksize=4096) is now used to restore the backup,
which agrees with the first location that mke2fs listed.

This doesn't explain why a superblock backup also appears to exist at
block 8193 (blocksize=1024), which in terms of my real filesystem is actually
offset into block 2048 (blocksize=4096). I assume there is an explanation
for this...

Signed-off-by: Daniel Drake <d.drake@....com>

Index: e2fsprogs-1.39/e2fsck/util.c
===================================================================
--- e2fsprogs-1.39.orig/e2fsck/util.c
+++ e2fsprogs-1.39/e2fsck/util.c
@@ -453,7 +453,8 @@ blk_t get_backup_sb(e2fsck_t ctx, ext2_f
 		if (sb->s_magic == ext2fs_swab16(EXT2_SUPER_MAGIC))
 			ext2fs_swap_super(sb);
 #endif
-		if (sb->s_magic == EXT2_SUPER_MAGIC) {
+		if (sb->s_magic == EXT2_SUPER_MAGIC &&
+		    EXT2_BLOCK_SIZE(sb) == blocksize) {
 			ret_sb = superblock;
 			if (ctx) {
 				ctx->superblock = superblock;
-
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ