| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20200227052728.A4F194203F@d06av24.portsmouth.uk.ibm.com>
Date: Thu, 27 Feb 2020 10:57:27 +0530
From: Ritesh Harjani <riteshh@...ux.ibm.com>
To: "Darrick J. Wong" <darrick.wong@...cle.com>
Cc: jack@...e.cz, tytso@....edu, linux-ext4@...r.kernel.org,
adilger.kernel@...ger.ca, linux-fsdevel@...r.kernel.org,
hch@...radead.org, cmaiolino@...hat.com
Subject: Re: [PATCHv3 4/6] ext4: Make ext4_ind_map_blocks work with fiemap
On 2/26/20 9:41 PM, Darrick J. Wong wrote:
> On Wed, Feb 26, 2020 at 03:27:06PM +0530, Ritesh Harjani wrote:
>> For indirect block mapping if the i_block > max supported block in inode
>> then ext4_ind_map_blocks may return a -EIO error. But in case of fiemap
>> this could be a valid query to ext4_map_blocks.
>> So in case if !create then return 0. This also makes ext4_warning to
>> ext4_debug in ext4_block_to_path() for the same reason.
>>
>> Signed-off-by: Ritesh Harjani <riteshh@...ux.ibm.com>
>> ---
>> fs/ext4/indirect.c | 11 +++++++++--
>> 1 file changed, 9 insertions(+), 2 deletions(-)
>>
>> diff --git a/fs/ext4/indirect.c b/fs/ext4/indirect.c
>> index 3a4ab70fe9e0..e1ab495dd900 100644
>> --- a/fs/ext4/indirect.c
>> +++ b/fs/ext4/indirect.c
>> @@ -102,7 +102,11 @@ static int ext4_block_to_path(struct inode *inode,
>> offsets[n++] = i_block & (ptrs - 1);
>> final = ptrs;
>> } else {
>> - ext4_warning(inode->i_sb, "block %lu > max in inode %lu",
>> + /*
>> + * It's not yet an error to just query beyond max
>> + * block in inode. Fiemap callers may do so.
>> + */
>> + ext4_debug("block %lu > max in inode %lu",
>> i_block + direct_blocks +
>> indirect_blocks + double_blocks, inode->i_ino);
>
> Does that mean fiemap callers can spamflood dmesg with this message just
> by setting the query start range to a huge value?
Not in the old implementation. But This could happen with indirect
block mapping with new implementation in iomap (as there is no check in
place before calling ext4_map_blocks()).
Previously __generic_block_fiemap() used to not query beyond
i_size_read(), so we were safe there.
So yes now as Jan also suggested, will add a check in place in
ext4_iomap_begin_report() itself, so that this flooding wont happen.
Thanks for the review!!
-ritesh
>
> --D
>
>> }
>> @@ -537,8 +541,11 @@ int ext4_ind_map_blocks(handle_t *handle, struct inode *inode,
>> depth = ext4_block_to_path(inode, map->m_lblk, offsets,
>> &blocks_to_boundary);
>>
>> - if (depth == 0)
>> + if (depth == 0) {
>> + if (!(flags & EXT4_GET_BLOCKS_CREATE))
>> + err = 0;
>> goto out;
>> + }
>>
>> partial = ext4_get_branch(inode, depth, offsets, chain, &err);
>>
>> --
>> 2.21.0
>>
Powered by blists - more mailing lists