| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 3 Jun 2020 12:24:22 +0200
From: Marek Szyprowski <m.szyprowski@...sung.com>
To: Ritesh Harjani <riteshh@...ux.ibm.com>, linux-ext4@...r.kernel.org
Cc: linux-fsdevel@...r.kernel.org, Jan Kara <jack@...e.com>,
tytso@....edu, linux-kernel@...r.kernel.org,
adilger.kernel@...ger.ca, sfr@...b.auug.org.au,
linux-next@...r.kernel.org, syzkaller-bugs@...glegroups.com,
syzbot+82f324bb69744c5f6969@...kaller.appspotmail.com
Subject: Re: [PATCHv5 1/1] ext4: mballoc: Use raw_cpu_ptr instead of
this_cpu_ptr
Hi Ritesh,
On 02.06.2020 15:47, Ritesh Harjani wrote:
> It doesn't really matter in ext4_mb_new_blocks() about whether the code
> is rescheduled on any other cpu due to preemption. Because we care
> about discard_pa_seq only when the block allocation fails and then too
> we add the seq counter of all the cpus against the initial sampled one
> to check if anyone has freed any blocks while we were doing allocation.
>
> So just use raw_cpu_ptr instead of this_cpu_ptr to avoid this BUG.
>
> BUG: using smp_processor_id() in preemptible [00000000] code: syz-fuzzer/6927
> caller is ext4_mb_new_blocks+0xa4d/0x3b70 fs/ext4/mballoc.c:4711
> CPU: 1 PID: 6927 Comm: syz-fuzzer Not tainted 5.7.0-next-20200602-syzkaller #0
> Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
> Call Trace:
> __dump_stack lib/dump_stack.c:77 [inline]
> dump_stack+0x18f/0x20d lib/dump_stack.c:118
> check_preemption_disabled+0x20d/0x220 lib/smp_processor_id.c:48
> ext4_mb_new_blocks+0xa4d/0x3b70 fs/ext4/mballoc.c:4711
> ext4_ext_map_blocks+0x201b/0x33e0 fs/ext4/extents.c:4244
> ext4_map_blocks+0x4cb/0x1640 fs/ext4/inode.c:626
> ext4_getblk+0xad/0x520 fs/ext4/inode.c:833
> ext4_bread+0x7c/0x380 fs/ext4/inode.c:883
> ext4_append+0x153/0x360 fs/ext4/namei.c:67
> ext4_init_new_dir fs/ext4/namei.c:2757 [inline]
> ext4_mkdir+0x5e0/0xdf0 fs/ext4/namei.c:2802
> vfs_mkdir+0x419/0x690 fs/namei.c:3632
> do_mkdirat+0x21e/0x280 fs/namei.c:3655
> do_syscall_64+0x60/0xe0 arch/x86/entry/common.c:359
> entry_SYSCALL_64_after_hwframe+0x44/0xa9
>
> Signed-off-by: Ritesh Harjani <riteshh@...ux.ibm.com>
> Reported-by: syzbot+82f324bb69744c5f6969@...kaller.appspotmail.com
This fixes the warning observed on various Samsung Exynos SoC based
boards with linux-next 20200602.
Tested-by: Marek Szyprowski <m.szyprowski@...sung.com>
> ---
> fs/ext4/mballoc.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/fs/ext4/mballoc.c b/fs/ext4/mballoc.c
> index a9083113a8c0..b79b32dbe3ea 100644
> --- a/fs/ext4/mballoc.c
> +++ b/fs/ext4/mballoc.c
> @@ -4708,7 +4708,7 @@ ext4_fsblk_t ext4_mb_new_blocks(handle_t *handle,
> }
>
> ac->ac_op = EXT4_MB_HISTORY_PREALLOC;
> - seq = *this_cpu_ptr(&discard_pa_seq);
> + seq = *raw_cpu_ptr(&discard_pa_seq);
> if (!ext4_mb_use_preallocated(ac)) {
> ac->ac_op = EXT4_MB_HISTORY_ALLOC;
> ext4_mb_normalize_request(ac, ar);
Best regards
--
Marek Szyprowski, PhD
Samsung R&D Institute Poland
Powered by blists - more mailing lists