lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Mon, 10 Sep 2007 13:41:27 +0530
From:	suzuki <suzuki@...ibm.com>
To:	Trond Myklebust <trond.myklebust@....uio.no>
CC:	Michal Piotrowski <michal.k.k.piotrowski@...il.com>,
	Kamalesh Babulal <kamalesh@...ux.vnet.ibm.com>,
	bfields@...ldses.org, neilb@...e.de, nfs@...ts.sourceforge.net,
	linux-kernel@...r.kernel.org, ffilz@...ibm.com,
	Poornima <bnpoorni@...ibm.com>
Subject: Re: [NFS] [BUG] 2.6.23-rc5 kernel BUG at fs/nfs/nfs4xdr.c:945

Hi

I have been trying to debug this issue from my side and could find the 
following.

The pathconf() request gets a reply with :

pathinfo.max_namelen = (unsiged int) -1
pathinfo.max_link    = 255

Is this really an expected answer from a server for a proper connection 
( for mount requests on an exported dir) ? Is there something that needs 
to be fixed at server side ?

Thanks

Suzuki

Trond Myklebust wrote:
> On Sat, 2007-09-08 at 01:56 +0200, Michal Piotrowski wrote:
>> Hi,
>>
>> On 07/09/2007, Kamalesh Babulal <kamalesh@...ux.vnet.ibm.com> wrote:
>>> Sep  7 11:42:49 p55lp2 kernel: kernel BUG at fs/nfs/nfs4xdr.c:945!
>>> Sep  7 11:42:49 p55lp2 kernel: Oops: Exception in kernel mode, sig: 5 [#1]
>>> Sep  7 11:42:49 p55lp2 kernel: SMP NR_CPUS=128 NUMA pSeries
>>> Sep  7 11:42:49 p55lp2 kernel: Modules linked in: nfs lockd nfs_acl
>>> sunrpc ipv6 loop dm_mod ibmveth sg ibmvscsic sd_mod scsi_mod
>>> Sep  7 11:42:49 p55lp2 kernel: NIP: d000000000378044 LR:
>>> d000000000378034 CTR: 80000000001c5840
>>> Sep  7 11:42:49 p55lp2 kernel: REGS: c0000000d971b050 TRAP: 0700   Not
>>> tainted  (2.6.23-rc5-ppc64)
>>> Sep  7 11:42:49 p55lp2 kernel: MSR: 8000000000029032 <EE,ME,IR,DR>  CR:
>>> 28000444  XER: 00000014
>>> Sep  7 11:42:49 p55lp2 kernel: TASK = c000000002787740[11508] 'fsstress'
>>> THREAD: c0000000d9718000 CPU: 1
>>> Sep  7 11:42:49 p55lp2 kernel: GPR00: 0000000000000001 c0000000d971b2d0
>>> d0000000003bd648 0000000000000037
>>> Sep  7 11:42:49 p55lp2 kernel: GPR04: 0000000000000000 0000000000000000
>>> 0000000000000000 0000000000000000
>>> Sep  7 11:42:49 p55lp2 kernel: GPR08: 0000000000000002 c000000000616538
>>> c0000000ef7afb58 c000000000616540
>>> Sep  7 11:42:49 p55lp2 kernel: GPR12: 0000000000004000 c0000000005e4a80
>>> 0000000000000000 00000000200b2510
>>> Sep  7 11:42:49 p55lp2 kernel: GPR16: 0000000020105550 00000000200b2534
>>> 000000002008c15c 0000000000000001
>>> Sep  7 11:42:49 p55lp2 kernel: GPR20: 0000000000000000 0000000000000001
>>> fffffffffffff000 c0000000d971ba30
>>> Sep  7 11:42:49 p55lp2 kernel: GPR24: d00000000034f524 c0000000dc4f8054
>>> c0000000d971b7d0 c0000000d9d313f0
>>> Sep  7 11:42:49 p55lp2 kernel: GPR28: 0000000000000276 0000000022000000
>>> d0000000003b8d78 0000000000000000
>>> Sep  7 11:42:49 p55lp2 kernel: NIP [d000000000378044]
>>> .encode_lookup+0x6c/0xbc [nfs]
>>> Sep  7 11:42:49 p55lp2 kernel: LR [d000000000378034]
>>> .encode_lookup+0x5c/0xbc [nfs]
>>> Sep  7 11:42:49 p55lp2 kernel: Call Trace:
>>> Sep  7 11:42:49 p55lp2 kernel: [c0000000d971b2d0] [d000000000378034]
>>> .encode_lookup+0x5c/0xbc [nfs] (unreliable)
>>> Sep  7 11:42:49 p55lp2 kernel: [c0000000d971b370] [d000000000379f8c]
>>> .nfs4_xdr_enc_lookup+0x78/0xbc [nfs]
>>> Sep  7 11:42:49 p55lp2 kernel: [c0000000d971b440] [d000000000314534]
>>> .rpcauth_wrap_req+0xe4/0x124 [sunrpc]
>>> Sep  7 11:42:49 p55lp2 kernel: [c0000000d971b4f0] [d00000000030a790]
>>> .call_transmit+0x218/0x2b8 [sunrpc]
>>> Sep  7 11:42:49 p55lp2 kernel: [c0000000d971b590] [d0000000003124d8]
>>> .__rpc_execute+0xd4/0x368 [sunrpc]
>>> Sep  7 11:42:49 p55lp2 kernel: [c0000000d971b630] [d00000000030b114]
>>> .rpc_do_run_task+0xc8/0x104 [sunrpc]
>>> Sep  7 11:42:49 p55lp2 kernel: [c0000000d971b6e0] [d00000000030b224]
>>> .rpc_call_sync+0x2c/0x64 [sunrpc]
>>> Sep  7 11:42:49 p55lp2 kernel: [c0000000d971b760] [d00000000036ef04]
>>> ._nfs4_proc_lookupfh+0xd4/0x124 [nfs]
>>> Sep  7 11:42:49 p55lp2 kernel: [c0000000d971b850] [d0000000003719a0]
>>> ._nfs4_proc_lookup+0x80/0x21c [nfs]
>>> Sep  7 11:42:49 p55lp2 kernel: [c0000000d971b910] [d000000000371ba4]
>>> .nfs4_proc_lookup+0x68/0xac [nfs]
>>> Sep  7 11:42:49 p55lp2 kernel: [c0000000d971b9c0] [d000000000354bf4]
>>> .nfs_lookup+0x158/0x334 [nfs]
>>> Sep  7 11:42:49 p55lp2 kernel: [c0000000d971bbc0] [c0000000000f3a28]
>>> .lookup_hash+0xfc/0x140
>>> Sep  7 11:42:49 p55lp2 kernel: [c0000000d971bc60] [c0000000000f7b28]
>>> .sys_renameat+0x164/0x228
>>> Sep  7 11:42:49 p55lp2 kernel: [c0000000d971be30] [c000000000008534]
>>> syscall_exit+0x0/0x40
>>> Sep  7 11:42:49 p55lp2 kernel: Instruction dump:
>>> Sep  7 11:42:49 p55lp2 kernel: e8410028 7fa4eb78 7c7f1b79 7fb80026
>>> 40820014 e8be83a8 e87e8350 4800c5f9
>>> Sep  7 11:42:49 p55lp2 kernel: e8410028 7fb80120 7c180026 54001ffe
>>> <0b000000> 3800000f 7b850020 387f0008
>> Is this a post 2.6.22 regression? Have you tried 2.6.23-rc5-git1?
>> (There are a few nfs fixes)
>>
>> Regards,
>> Michal
> 
> It looks like a bug that has been there at least since 2.6.18. Could you
> see if this fixes it?
> 
> Trond
> 
> 
> 
> 
> ------------------------------------------------------------------------
> 
> Subject:
> No Subject
> From:
> Trond Myklebust <Trond.Myklebust@...app.com>
> Date:
> Sun, 9 Sep 2007 00:10:51 +0200
> 
> 
> It doesn't look as if the NFSv4 name length is being initialised correctly
> in the struct nfs_server. We need to limit any entry there to
> NFS4_MAXNAMLEN.
> 
> Signed-off-by: Trond Myklebust <Trond.Myklebust@...app.com>
> ---
> 
>  fs/nfs/client.c |    3 +++
>  1 files changed, 3 insertions(+), 0 deletions(-)
> 
> diff --git a/fs/nfs/client.c b/fs/nfs/client.c
> index a49f9fe..54068fb 100644
> --- a/fs/nfs/client.c
> +++ b/fs/nfs/client.c
> @@ -928,6 +928,9 @@ static int nfs4_init_server(struct nfs_server *server,
> 
>  	error = nfs_init_server_rpcclient(server, authflavour);
> 
> +	if (server->namelen == 0 || server->namelen > NFS4_MAXNAMLEN)
> +		server->namelen = NFS4_MAXNAMLEN;
> +
>  	/* Done */
>  	dprintk("<-- nfs4_init_server() = %d\n", error);
>  	return error;

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists