| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <172476284024.635532.4541598386517901728.b4-ty@mit.edu>
Date: Tue, 27 Aug 2024 08:47:21 -0400
From: "Theodore Ts'o" <tytso@....edu>
To: adilger.kernel@...ger.ca, jack@...e.cz,
Zhihao Cheng <chengzhihao@...weicloud.com>
Cc: "Theodore Ts'o" <tytso@....edu>, linux-ext4@...r.kernel.org,
linux-kernel@...r.kernel.org, chengzhihao1@...wei.com,
yi.zhang@...wei.com
Subject: Re: [PATCH] ext4: dax: Fix overflowing extents beyond inode size when partially writing
On Fri, 09 Aug 2024 20:15:32 +0800, Zhihao Cheng wrote:
> The dax_iomap_rw() does two things in each iteration: map written blocks
> and copy user data to blocks. If the process is killed by user(See signal
> handling in dax_iomap_iter()), the copied data will be returned and added
> on inode size, which means that the length of written extents may exceed
> the inode size, then fsck will fail. An example is given as:
>
> dd if=/dev/urandom of=file bs=4M count=1
> dax_iomap_rw
> iomap_iter // round 1
> ext4_iomap_begin
> ext4_iomap_alloc // allocate 0~2M extents(written flag)
> dax_iomap_iter // copy 2M data
> iomap_iter // round 2
> iomap_iter_advance
> iter->pos += iter->processed // iter->pos = 2M
> ext4_iomap_begin
> ext4_iomap_alloc // allocate 2~4M extents(written flag)
> dax_iomap_iter
> fatal_signal_pending
> done = iter->pos - iocb->ki_pos // done = 2M
> ext4_handle_inode_extension
> ext4_update_inode_size // inode size = 2M
>
> [...]
Applied, thanks!
[1/1] ext4: dax: Fix overflowing extents beyond inode size when partially writing
commit: dda898d7ffe85931f9cca6d702a51f33717c501e
Best regards,
--
Theodore Ts'o <tytso@....edu>
Powered by blists - more mailing lists