lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 11 Feb 2022 14:37:11 +0000 From: Matthew Wilcox <willy@...radead.org> To: Lee Jones <lee.jones@...aro.org> Cc: "Darrick J. Wong" <djwong@...nel.org>, linux-kernel@...r.kernel.org, Stable <stable@...r.kernel.org>, Christoph Hellwig <hch@....de>, Dave Chinner <dchinner@...hat.com>, Goldwyn Rodrigues <rgoldwyn@...e.com>, "Darrick J . Wong" <darrick.wong@...cle.com>, Bob Peterson <rpeterso@...hat.com>, Damien Le Moal <damien.lemoal@....com>, Theodore Ts'o <tytso@....edu>, Andreas Gruenbacher <agruenba@...hat.com>, Ritesh Harjani <riteshh@...ux.ibm.com>, Johannes Thumshirn <jth@...nel.org>, linux-xfs@...r.kernel.org, linux-fsdevel@...r.kernel.org, linux-ext4@...r.kernel.org, cluster-devel@...hat.com, syzbot+0ed9f769264276638893@...kaller.appspotmail.com Subject: Re: [PATCH 1/1] Revert "iomap: fall back to buffered writes for invalidation failures" On Thu, Feb 10, 2022 at 10:15:52AM +0000, Lee Jones wrote: > On Wed, 09 Feb 2022, Darrick J. Wong wrote: > > > On Wed, Feb 09, 2022 at 08:52:43AM +0000, Lee Jones wrote: > > > This reverts commit 60263d5889e6dc5987dc51b801be4955ff2e4aa7. > > > > > > Reverting since this commit opens a potential avenue for abuse. > > > > What kind of abuse? Did you conclude there's an avenue solely because > > some combination of userspace rigging produced a BUG warning? Or is > > this a real problem that someone found? > > Genuine question: Is the ability for userspace to crash the kernel > not enough to cause concern? I would have thought that we'd want to > prevent this. The kernel doesn't crash. It's a BUG(). That means it kills the task which caused the BUG(). If you've specified that the kernel should crash on seeing a BUG(), well, you made that decision, and you get to live with the consequences. > The link provided doesn't contain any further analysis. Only the > reproducer and kernel configuration used, which are both too large to > enter into a Git commit. But not too large to put in an email. Which you should have sent to begin with, not a stupid reversion commit. > > OH WAIT, you're running this on the Android 5.10 kernel, aren't you? > > The BUG report came from page_buffers failing to find any buffer heads > > attached to the page. > > https://android.googlesource.com/kernel/common/+/refs/heads/android12-5.10-2022-02/fs/ext4/inode.c#2647 > > Yes, the H/W I have to prototype these on is a phone and the report > that came in was specifically built against the aforementioned > kernel. > > > Yeah, don't care. > > "There is nothing to worry about, as it's intended behaviour"? No. You've come in like a fucking meteorite full of arrogance and ignorance. Nobody's reacting well to you right now. Start again, write a good bug report in a new thread.
Powered by blists - more mailing lists