lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20080521113855.GD8581@mit.edu>
Date:	Wed, 21 May 2008 07:38:55 -0400
From:	Theodore Tso <tytso@....edu>
To:	Bas van Schaik <bas@...es.nl>
Cc:	linux-ext4@...r.kernel.org
Subject: Re: Reoccurring ext3 errors: attempt to access beyond end of
	device, freeing blocks not in datazone

On Wed, May 21, 2008 at 12:02:42AM +0200, Bas van Schaik wrote:
> Ah, such a lead was exactly what I was looking for, now I at least know
> where those bogus numbers were coming from. Maybe a very dump question:
> you seem to have reverse the ascii "translation", why? 

x86 (and the ext3 indirect blocks) are stored in little endian format.
If you doubt me, try running this program:

main(int argc, char **argv)
{
	char	a[5];
	int	*b;

	b = (int *) a;
	*b = 0x61626364;
	a[4] = 0;
	printf("%s\n", a);
}

> Summarizing all this: there is clearly something writing garbage to the
> wrong place. It must be something above the encryption layer, since
> that's the only way ascii can be written to the device.
> 
> Remember the different layers:
>   ext3 on decrypted /dev/loop0
>   LVM logical volume (encrypted)
>   RAID5 arrays
>   Imported AoE-devices
>   Physical disks
> 
> This conclusion kind of worries me, I was assuming that there was
> something wrong at the networking level (AoE) or below. If that were the
> case, the encrypted data would get modified and the corruptions would
> look totally different. Or am I missing something?

Not necessarily, this could be simply valid data getting written to
the wrong place.  

How are you encrypting your loop device, and what encryption system
are you using?

What sort of workload are you using with your filesystem, what version
of the kernel are your running, and does the machine crash often
(i.e., forcing journal replays)?

							- Ted
--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ