| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20180107210446.GB17380@thunk.org>
Date: Sun, 7 Jan 2018 16:04:46 -0500
From: Theodore Ts'o <tytso@....edu>
To: Eric Biggers <ebiggers3@...il.com>
Cc: linux-fsdevel@...r.kernel.org, linux-ext4@...r.kernel.org,
Andrew Morton <akpm@...ux-foundation.org>,
Eric Biggers <ebiggers@...gle.com>, Jan Kara <jack@...e.cz>,
Jiang Biao <jiang.biao2@....com.cn>
Subject: Re: [PATCH] Revert "fs/mbcache.c: make count_objects() more robust"
On Sat, Jan 06, 2018 at 10:06:54AM -0800, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@...gle.com>
>
> This reverts commit d5dabd633922ac5ee5bcc67748f7defb8b211469.
>
> This patch did absolutely nothing, because ->c_entry_count is unsigned.
>
> In addition if there is a bug in how mbcache maintains its entry count,
> it needs to be fixed, not just hacked around. (There is no obvious bug,
> though.)
Right, if we're going to add a check, we should be checking to make
sure cache->c_entry_count is not zero before we decrement it in
mb_cache_entry_delete().
I will note that it's quite possible the error is in do_shrink_slab()
--- it's already dodgy that it assigns an unsigned long from
shrinker->count_objects to a signed long. Then it multiplies it by (4
* nr_scanned) / shrinker->seeks. So there are plenty of opportunities
to get the "negative objects to delete" message that has nothing to do
with value returned from mb_cache_count().
Regards,
- Ted
Powered by blists - more mailing lists