lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20240529095116.b3arzr5rjz6cs2rb@quack3>
Date: Wed, 29 May 2024 11:51:16 +0200
From: Jan Kara <jack@...e.cz>
To: "Luis Henriques (SUSE)" <luis.henriques@...ux.dev>
Cc: Theodore Ts'o <tytso@....edu>, Andreas Dilger <adilger@...ger.ca>,
	Jan Kara <jack@...e.cz>,
	Harshad Shirwadkar <harshadshirwadkar@...il.com>,
	linux-ext4@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v3 2/2] ext4: fix possible tid_t sequence overflows

On Wed 29-05-24 10:20:30, Luis Henriques (SUSE) wrote:
> In the fast commit code there are a few places where tid_t variables are
> being compared without taking into account the fact that these sequence
> numbers may wrap.  Fix this issue by using the helper functions tid_gt()
> and tid_geq().
> 
> Signed-off-by: Luis Henriques (SUSE) <luis.henriques@...ux.dev>

Thanks! Feel free to add:

Reviewed-by: Jan Kara <jack@...e.cz>

								Honza

> ---
>  fs/ext4/fast_commit.c | 8 ++++----
>  1 file changed, 4 insertions(+), 4 deletions(-)
> 
> diff --git a/fs/ext4/fast_commit.c b/fs/ext4/fast_commit.c
> index 088bd509b116..30d312e16916 100644
> --- a/fs/ext4/fast_commit.c
> +++ b/fs/ext4/fast_commit.c
> @@ -353,7 +353,7 @@ void ext4_fc_mark_ineligible(struct super_block *sb, int reason, handle_t *handl
>  		read_unlock(&sbi->s_journal->j_state_lock);
>  	}
>  	spin_lock(&sbi->s_fc_lock);
> -	if (sbi->s_fc_ineligible_tid < tid)
> +	if (tid_gt(tid, sbi->s_fc_ineligible_tid))
>  		sbi->s_fc_ineligible_tid = tid;
>  	spin_unlock(&sbi->s_fc_lock);
>  	WARN_ON(reason >= EXT4_FC_REASON_MAX);
> @@ -1207,7 +1207,7 @@ int ext4_fc_commit(journal_t *journal, tid_t commit_tid)
>  	if (ret == -EALREADY) {
>  		/* There was an ongoing commit, check if we need to restart */
>  		if (atomic_read(&sbi->s_fc_subtid) <= subtid &&
> -			commit_tid > journal->j_commit_sequence)
> +		    tid_gt(commit_tid, journal->j_commit_sequence))
>  			goto restart_fc;
>  		ext4_fc_update_stats(sb, EXT4_FC_STATUS_SKIPPED, 0, 0,
>  				commit_tid);
> @@ -1282,7 +1282,7 @@ static void ext4_fc_cleanup(journal_t *journal, int full, tid_t tid)
>  		list_del_init(&iter->i_fc_list);
>  		ext4_clear_inode_state(&iter->vfs_inode,
>  				       EXT4_STATE_FC_COMMITTING);
> -		if (iter->i_sync_tid <= tid) {
> +		if (tid_geq(tid, iter->i_sync_tid)) {
>  			ext4_fc_reset_inode(&iter->vfs_inode);
>  		} else {
>  			/*
> @@ -1322,7 +1322,7 @@ static void ext4_fc_cleanup(journal_t *journal, int full, tid_t tid)
>  	list_splice_init(&sbi->s_fc_q[FC_Q_STAGING],
>  				&sbi->s_fc_q[FC_Q_MAIN]);
>  
> -	if (tid >= sbi->s_fc_ineligible_tid) {
> +	if (tid_geq(tid, sbi->s_fc_ineligible_tid)) {
>  		sbi->s_fc_ineligible_tid = 0;
>  		ext4_clear_mount_flag(sb, EXT4_MF_FC_INELIGIBLE);
>  	}
> 
-- 
Jan Kara <jack@...e.com>
SUSE Labs, CR

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ