lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAEivzxc-b-QDx8AEdHEwa06Q2TYgZZkw2PWQ+K_Lyf+oyTM1Zg@mail.gmail.com> Date: Thu, 26 Sep 2024 11:16:07 +0200 From: Aleksandr Mikhalitsyn <aleksandr.mikhalitsyn@...onical.com> To: Baokun Li <libaokun1@...wei.com> Cc: Jan Kara <jack@...e.cz>, tytso@....edu, stable@...r.kernel.org, Andreas Dilger <adilger.kernel@...ger.ca>, Stéphane Graber <stgraber@...raber.org>, Christian Brauner <brauner@...nel.org>, linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org, linux-ext4@...r.kernel.org, Wesley Hershberger <wesley.hershberger@...onical.com>, Yang Erkun <yangerkun@...wei.com> Subject: Re: [PATCH 1/1] ext4: fix crash on BUG_ON in ext4_alloc_group_tables On Thu, Sep 26, 2024 at 10:29 AM Baokun Li <libaokun1@...wei.com> wrote: > > On 2024/9/25 23:57, Jan Kara wrote: > > On Wed 25-09-24 16:33:24, Alexander Mikhalitsyn wrote: > >> [ 33.882936] EXT4-fs (dm-5): mounted filesystem 8aaf41b2-6ac0-4fa8-b92b-77d10e1d16ca r/w with ordered data mode. Quota mode: none. > >> [ 33.888365] EXT4-fs (dm-5): resizing filesystem from 7168 to 786432 blocks > >> [ 33.888740] ------------[ cut here ]------------ > >> [ 33.888742] kernel BUG at fs/ext4/resize.c:324! > > Ah, I was staring at this for a while before I understood what's going on > > (it would be great to explain this in the changelog BTW). As far as I > > understand commit 665d3e0af4d3 ("ext4: reduce unnecessary memory allocation > > in alloc_flex_gd()") can actually make flex_gd->resize_bg larger than > > flexbg_size (for example when ogroup = flexbg_size, ngroup = 2*flexbg_size > > - 1) which then confuses things. I think that was not really intended and > > instead of fixing up ext4_alloc_group_tables() we should really change > > the logic in alloc_flex_gd() to make sure flex_gd->resize_bg never exceeds > > flexbg size. Baokun? > > > > Honza > > Hi Honza, > > Your analysis is absolutely correct. It's a bug! > Thank you for locating this issue! > An extra 1 should not be added when calculating resize_bg in > alloc_flex_gd(). > > > Hi Aleksandr, Hi Baokun, > > Could you help test if the following changes work? I can confirm that this patch helps. Tested-by: Alexander Mikhalitsyn <aleksandr.mikhalitsyn@...onical.com> Kind regards, Alex > > > Thanks, > Baokun > > --- > > diff --git a/fs/ext4/resize.c b/fs/ext4/resize.c > index e04eb08b9060..1f01a7632149 100644 > --- a/fs/ext4/resize.c > +++ b/fs/ext4/resize.c > @@ -253,10 +253,12 @@ static struct ext4_new_flex_group_data > *alloc_flex_gd(unsigned int flexbg_size, > /* Avoid allocating large 'groups' array if not needed */ > last_group = o_group | (flex_gd->resize_bg - 1); > if (n_group <= last_group) > - flex_gd->resize_bg = 1 << fls(n_group - o_group + 1); > + flex_gd->resize_bg = 1 << fls(n_group - o_group); > else if (n_group - last_group < flex_gd->resize_bg) > - flex_gd->resize_bg = 1 << max(fls(last_group - o_group + 1), > + flex_gd->resize_bg = 1 << max(fls(last_group - o_group), > fls(n_group - last_group)); > > flex_gd->groups = kmalloc_array(flex_gd->resize_bg, > sizeof(struct ext4_new_group_data), >
Powered by blists - more mailing lists