lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-Id: <0B0D440B-A827-471D-A797-0D94ED8F9F0E@dilger.ca>
Date:   Thu, 29 Jun 2017 12:18:03 -0600
From:   Andreas Dilger <adilger@...ger.ca>
To:     "zhangyi (F)" <yi.zhang@...wei.com>, Li Xi <lixi@....com>
Cc:     linux-ext4 <linux-ext4@...r.kernel.org>,
        Theodore Ts'o <tytso@....edu>, miaoxie@...wei.com,
        Jan Kara <jack@...e.cz>, Wang Shilong <wshilong@....com>
Subject: Re: Question about ext4 project feature

On Jun 29, 2017, at 4:46 AM, zhangyi (F) <yi.zhang@...wei.com> wrote:
> 
> Hi All:
> 
> I find a problem when I use project quota, my base environment is
> radhat7.2 (kernel-3.10.y + e2fsprogs-1.42.9).
> 
> It will be reproduced with the following steps:
> 1. mkfs.ext4 /dev/vdb1
> 2. mount /dev/vdb1 /mnt
> 3. touch /mnt/testfile
> 4. umount /mnt
> 5. Update kernel and e2fsprogs to *upstream stable version*
> 6. tune2fs -O quota,project /dev/vdb1
> 7. mount /dev/vdb1 /mnt
> 8. chattr -p 123 /mnt/testfile
> 
> Execute fail and output:
> /bin/chattr: Value too large for defined data type while setting project on /mnt/aa
> 
> The immediate reason is the following check, i_extra_isize is not updated.
> static int ext4_ioctl_setproject(struct file *filp, __u32 projid)
> {
> 	...
> 	raw_inode = ext4_raw_inode(&iloc);
> 	if (!EXT4_FITS_IN_INODE(raw_inode, ei, i_projid)) {
> 		err = -EOVERFLOW;
> 		brelse(iloc.bh);
> 		goto out_unlock;
> 	}
> 	...
> }
> 
> So if I write something to testfile before "step 8" ,the chattr will execute
> successfully, because it trigger ext4_expand_extra_isize() to update
> i_extra_isize. So is this a BUG or I miss something?

It looks like this code path should also try to expand i_extra_isize if possible,
and only return an error if that fails.

Li Xi, would you be able to look into that?

Cheers, Andreas






Download attachment "signature.asc" of type "application/pgp-signature" (196 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ