lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20081121173920.GG11212@skywalker>
Date:	Fri, 21 Nov 2008 23:09:20 +0530
From:	"Aneesh Kumar K.V" <aneesh.kumar@...ux.vnet.ibm.com>
To:	Eric Sandeen <sandeen@...hat.com>
Cc:	cmm@...ibm.com, tytso@....edu, linux-ext4@...r.kernel.org
Subject: Re: [PATCH -V2 3/5] ext4: Fix the race between read_block_bitmap
	and mark_diskspace_used

On Fri, Nov 21, 2008 at 11:01:35PM +0530, Aneesh Kumar K.V wrote:
> On Fri, Nov 21, 2008 at 11:22:04AM -0600, Eric Sandeen wrote:
> > Aneesh Kumar K.V wrote:
> > > We need to make sure we update the block bitmap and clear
> > > EXT4_BG_BLOCK_UNINIT flag with sb_bgl_lock held. We look
> > > at EXT4_BG_BLOCK_UNINIT and reinit the block bitmap each
> > > time in ext4_read_block_bitmap (introduced by
> > > c806e68f5647109350ec546fee5b526962970fd2 )
> > 
> > Can you add details about the failure mode(s) of this race, so people
> > (i.e. me) have an idea which bugs they've seen that it might address?
> > 
> 

The errors I have seen are

a)
3795  if (free != pa->pa_free) {
3796      printk(KERN_CRIT "pa %p: logic %lu, phys. %lu, len %lu\n",
3797                pa, (unsigned long) pa->pa_lstart,
3798                (unsigned long) pa->pa_pstart,
3799                 (unsigned long) pa->pa_len);

b)

1091     if (!mb_test_bit(block, EXT4_MB_BITMAP(e4b))) {
1092             ext4_fsblk_t blocknr;
1093             blocknr = e4b->bd_group * EXT4_BLOCKS_PER_GROUP(sb);
1094             blocknr += block;
1095             blocknr +=
1096 			le32_to_cpu(EXT4_SB(sb)->s_es->s_first_data_block);
1097           ext4_unlock_group(sb, e4b->bd_group);
1098           ext4_error(sb, __func__, "double-free of
inode"

For inode bitmap i have seen

[root@...19 tmp]# ls -al /mnt/tmp/f/p369/d3/d6/d39/db2/dee/d10f/d3f/l71
ls: /mnt/tmp/f/p369/d3/d6/d39/db2/dee/d10f/d3f/l71: Stale NFS file handle
[root@...19 tmp]# ls -al /mnt/tmp/f/p369/d3/d6/d39/db2/dee/d10f/d3f/
total 411
drwxrwxrwx 3 689933 root    1024 Nov 18 05:59 .
drwxrwxrwx 3   8391 root    1024 Nov 18 05:59 ..
drwxrwxrwx 2 root   root    1024 Nov 18 05:33 d83
-rw-rw-rw- 1 root   root       0 Nov 18 05:06 fb4
-rw-rw-rw- 1 root   root 3350138 Nov 18 05:33 fb9
?--------- ? ?      ?          ?            ? l71
lrwxrwxrwx 1 root   root     509 Nov 18 05:23 ld9 -> xxxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxxx/xxxxxxxx
[root@...19 tmp]# 

dmesg gives:

EXT4-fs error (device sdb1): ext4_free_inode: bit already cleared for inode 168449


Some other message i got before. But i didn't capture the info fully 

a) "Deleting nonexistent file ..." warning in ext4_unlink

b) "Empty directory has too many links..." in ext4_rmdir

--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ