lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20230308104234.z7vmgmjz2smepwlg@quack3>
Date:   Wed, 8 Mar 2023 11:42:34 +0100
From:   Jan Kara <jack@...e.cz>
To:     Eric Biggers <ebiggers@...nel.org>
Cc:     Dan Carpenter <error27@...il.com>, jack@...e.cz,
        linux-ext4@...r.kernel.org
Subject: Re: [bug report] ext4: Fix possible corruption when moving a
 directory

On Tue 07-03-23 19:18:47, Eric Biggers wrote:
> On Tue, Mar 07, 2023 at 06:56:28PM +0300, Dan Carpenter wrote:
> > Hello Jan Kara,
> > 
> > The patch 0813299c586b: "ext4: Fix possible corruption when moving a
> > directory" from Jan 26, 2023, leads to the following Smatch static
> > checker warning:
> > 
> > 	fs/ext4/namei.c:4017 ext4_rename()
> > 	error: double unlocked '&old.inode->i_rwsem' (orig line 3882)
> > 
> [...]
> >     3875                 /*
> >     3876                  * We need to protect against old.inode directory getting
> >     3877                  * converted from inline directory format into a normal one.
> >     3878                  */
> >     3879                 inode_lock_nested(old.inode, I_MUTEX_NONDIR2);
> >     3880                 retval = ext4_rename_dir_prepare(handle, &old);
> >     3881                 if (retval) {
> >     3882                         inode_unlock(old.inode);
> > 
> > The issue here is that ext4_rename_dir_prepare() sets old.dir_bh and
> > then returns -EFSCORRUPTED.  It results in an unlock here and then again
> > after the goto.
> 
> That analysis looks correct.  FYI, I think this is the same as the syzbot report
> "[ext4?] WARNING: bad unlock balance in ext4_rename2"
> (https://lore.kernel.org/linux-ext4/000000000000435c6905f639ae8e@google.com).

Good spotting! This should be fixed (along with the lock ordering problem)
by 3c92792da8506 ("ext4: Fix deadlock during directory rename") Ted has
just merged couple hours ago.

								Honza
-- 
Jan Kara <jack@...e.com>
SUSE Labs, CR

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ