lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Mon, 12 Dec 2011 15:22:27 +0100
From:	Jan Kara <jack@...e.cz>
To:	Namjae Jeon <linkinjeon@...il.com>
Cc:	Jan Kara <jack@...e.cz>, LKML <linux-kernel@...r.kernel.org>,
	linux-fsdevel@...r.kernel.org,
	Matthias Matiak <netzpython@...l-on.us>
Subject: Re: [PATCH] udf: Fix deadlock when converting file from in-ICB one
 to normal one

On Sat 10-12-11 13:40:53, Namjae Jeon wrote:
> 2011/12/10 Jan Kara <jack@...e.cz>:
> > During BKL removal, conversion of files from in-ICB format to normal format got
> > broken. We call ->writepage with i_data_sem held but udf_get_block() also
> > acquires i_data_sem thus creating A-A deadlock.
> >
> > We fix the problem by dropping i_data_sem before calling ->writepage() which is
> > safe since i_mutex still protects us against any changes in the file. Also fix
> > pagelock - i_data_sem lock inversion in udf_expand_file_adinicb() by dropping
> > i_data_sem before calling find_or_create_page().
> >
> > Reported-by: Matthias Matiak <netzpython@...l-on.us>
> > Signed-off-by: Jan Kara <jack@...e.cz>
> Reviewed-by: Namjae Jeon <linkinjeon@...il.com>
  Thanks.

> > ---
> >  fs/udf/file.c  |    6 +++---
> >  fs/udf/inode.c |   20 +++++++++++++++++---
> >  2 files changed, 20 insertions(+), 6 deletions(-)
> >
> >  I plan to merge this fix through my tree soon.
> >
> > +/*
> > + * Expand file stored in ICB to a normal one-block-file
> > + *
> > + * This function requires i_data_sem for writing and releases it.
> > + * This function requires i_mutex held
> > + */
> >  int udf_expand_file_adinicb(struct inode *inode)
> >  {
> >        struct page *page;
> > @@ -171,6 +177,11 @@ int udf_expand_file_adinicb(struct inode *inode)
> >                mark_inode_dirty(inode);
>                   up_write(&iinfo->i_data_sem);
> Hi Jan.
> I do not know if that helps, Would it need here ?
  Thanks for spotting this! Indeed it was a bug not to release i_data_sem
here! I have fixed it now.

								Honza
-- 
Jan Kara <jack@...e.cz>
SUSE Labs, CR
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ