lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20190122065823.67957-1-yangerkun@huawei.com>
Date:   Tue, 22 Jan 2019 14:58:19 +0800
From:   yangerkun <yangerkun@...wei.com>
To:     <tytso@....edu>, <jack@...e.com>
CC:     <miaoxie@...wei.com>, <yi.zhang@...wei.com>, <houtao1@...wei.com>,
        <yangerkun@...wei.com>, <linux-ext4@...r.kernel.org>
Subject: [PATCH V2 0/4] fix bugs for ioctl EXT4_IOC_SWAP_BOOT

Changelog v1 ==> v2:
1.Modify the first patch since it will conflit with
8a36397("ext4: avoid declaring fs inconsistent due to invalid file handles").

2.Add the explain in each patch.

3.Give up using dquot_alloc_space_nofail, since it may exceed hard limit of quota.
Now we update the quota information when all swap function has been finished and won't
trigger a 'Revert'.

The latter program running with a ext3fs or ext4fs with nodealloc
will trigger a warning show as bellow:

[  123.644524] EXT4-fs (vdb): mounting ext3 file system using the ext4 subsystem
[  123.647408] EXT4-fs (vdb): mounted filesystem with ordered data mode. Opts: (null)
[  138.323196] WARNING: CPU: 1 PID: 1130 at fs/ext4/ext4_jbd2.c:271 __ext4_handle_dirty_metadata+0x103/0x1a0
[  138.323198] Modules linked in:
[  138.323203] CPU: 1 PID: 1130 Comm: a.out Not tainted 5.0.0-rc2opt+ #62
[  138.323205] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.12.0-0-ga698c8995f-prebuilt.qemu.org 04/01/2014
[  138.323208] RIP: 0010:__ext4_handle_dirty_metadata+0x103/0x1a0
[  138.323210] Code: 00 48 8b 40 68 48 89 90 d8 01 00 00 48 8b 4b 18 44 89 fa e8 ff c3 04 00 eb 84 48 89 df 45 31 ed e8 52 40 f9 ff e9 74 ff ff ff <0f> 0b 48 c7 c2 c0 88 e4 b1 45 89 e8 48 89 e9 44 89 fe 4c 89 f7 e8
[  138.323211] RSP: 0018:ffffb997422bfc00 EFLAGS: 00010286
[  138.323212] RAX: ffff9f0ab10ef800 RBX: ffff9f0a8cc74208 RCX: 0000000000000000
[  138.323213] RDX: ffff9f0a8cc64000 RSI: ffff9f0a8cc74208 RDI: ffff9f0a8cc64000
[  138.323214] RBP: ffff9f0a8cc64000 R08: ffff9f0a8cc74208 R09: ffffffffb1375300
[  138.323215] R10: 0000000000000020 R11: ffff9f0a8cc74208 R12: 0000000000000000
[  138.323216] R13: 00000000ffffff8b R14: ffffffffb1e496e8 R15: 0000000000000559
[  138.323217] FS:  00007f878e152440(0000) GS:ffff9f0ab3a40000(0000) knlGS:0000000000000000
[  138.323218] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  138.323219] CR2: 00007f878dcec395 CR3: 000000041bbc5000 CR4: 00000000000006e0
[  138.323223] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  138.323223] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  138.323224] Call Trace:
[  138.323282]  write_end_fn+0x42/0x50
[  138.323303]  ext4_walk_page_buffers+0x72/0xa0
[  138.323320]  ? __ext4_expand_extra_isize+0x90/0x90
[  138.323322]  ext4_journalled_write_end+0xdb/0x510
[  138.323335]  ? copyin+0x22/0x30
[  138.323355]  generic_perform_write+0xfd/0x1b0
[  138.323385]  __generic_file_write_iter+0x196/0x1e0
[  138.323402]  ? generic_write_checks+0x4c/0xb0
[  138.323404]  ext4_file_write_iter+0xc7/0x400
[  138.323439]  ? tty_write+0x1bf/0x2e0
[  138.323441]  ? n_tty_open+0xa0/0xa0
[  138.323453]  __vfs_write+0x11e/0x1b0
[  138.323479]  vfs_write+0xb3/0x1b0
[  138.323481]  ksys_write+0x52/0xc0
[  138.323487]  do_syscall_64+0x55/0x170
[  138.323523]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  138.323555] RIP: 0033:0x7f878dc6b130
[  138.323556] Code: 73 01 c3 48 8b 0d 58 ed 2c 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 83 3d b9 45 2d 00 00 75 10 b8 01 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 3e f3 01 00 48 89 04 24
[  138.323557] RSP: 002b:00007ffe8104ecc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  138.323559] RAX: ffffffffffffffda RBX: 00007f878dd035b0 RCX: 00007f878dc6b130
[  138.323560] RDX: 0000000000000020 RSI: 0000000000601080 RDI: 0000000000000003
[  138.323560] RBP: 00007ffe8104ed10 R08: 0000000000000000 R09: 0000000000000000
[  138.323561] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000400610
[  138.323562] R13: 00007ffe8104edf0 R14: 0000000000000000 R15: 0000000000000000
[  138.323564] ---[ end trace 8c5d15ab55f9bea9 ]---
[  138.323586] EXT4-fs: write_end_fn:1369: aborting transaction: Corrupt filesystem in __ext4_handle_dirty_metadata
[  138.326177] EXT4: jbd2_journal_dirty_metadata failed: handle type 2 started at line 1289, credits 19/17, errcode -117
[  138.326231] EXT4-fs error (device vdb) in ext4_do_update_inode:5362: Readonly filesystem
[  138.329147] EXT4-fs error (device vdb) in ext4_journalled_write_end:1550: Corrupt filesystem


And the problem is that swap_inode_data in swap_inode_boot_loader
will swap inode flags without reset aops. In this scene, ext4_should_journal_data
in ext4_write_begin will return false and there won't a journal_head append to
buffer_head, but we will still use ext4_journalled_write_end, this function
will return false while do 'buffer_jbd' check and trigger the warning.

We can reset the aops while swapping, but it may better to add a mask to distinguish
the flags should be swapped or not.

Also, there is some other fix about this ioctl.

yangerkun (4):
  ext4: fix check of inode in swap_inode_boot_loader
  ext4: cleanup pagecache before swap i_data
  ext4: update quota information while swapping boot loader inode
  ext4: add mask of ext4 flags to swap

 fs/ext4/ext4.h  |   4 +++
 fs/ext4/ioctl.c | 100 +++++++++++++++++++++++++++++++++++++++++---------------
 2 files changed, 77 insertions(+), 27 deletions(-)

-- 
2.9.5

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ