lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAKwO_5FCn5Z07ZLBUq6Zu=E0Oki-yL6ytwA7gKjzsO8=fJrCHA@mail.gmail.com>
Date:	Fri, 16 Mar 2012 12:29:15 -0700
From:	Paul Taysom <taysom@...gle.com>
To:	Greg KH <greg@...ah.com>
Cc:	Paul Taysom <taysom@...omium.org>,
	Mandeep Baines <msb@...omium.org>,
	Jens Axboe <axboe@...nel.dk>, Theodore Tso <tytso@...gle.com>,
	Andrew Morton <akpm@...gle.com>, linux-usb@...r.kernel.org,
	linux-kernel@...r.kernel.org,
	Alexander Viro <viro@...iv.linux.org.uk>,
	linux-fsdevel@...r.kernel.org, stable@...nel.org
Subject: Re: [PATCH] fs: Fix mod_timer crash when removing USB sticks

On Fri, Mar 16, 2012 at 10:36 AM, Greg KH <greg@...ah.com> wrote:
>
> On Thu, Jan 12, 2012 at 01:57:11PM -0800, Paul Taysom wrote:
> > A USB stick with a ext file system on it, would occasionally crash
> > when the stick was pulled.
> >
> > The problem was a timer was being set on the Backing Device Interface,
> > bdi, after the USB device had been removed and the bdi had been
> > unregistered. The bdi would then be later reinitialized by zeroing
> > the timer without removing from the timer from the timer queue.
> > This would eventually result in a kernel crash (NULL ptr dereference).
> >
> > When the bdi is unregistered, the dev field is set to NULL. This
> > indication is used by bdi_unregister to only unregister the device
> > once.
> >
> > Fix: When the backing device is invalidated, the mapping
> > backing_dev_info
> > should be redirected to the default_backing_dev_info.
> >
> > Created 3 USB sticks with ext2, ext4 and one with both apple and DOS
> > file systems on it. Inserted and removed USB sticks many times in random
> > order. With out the bug fix, the kernel would soon crash. With the fix,
> > it did not. Ran on both stumpy and amd64-generic.
> >
> > Signed-off-by: Paul Taysom <taysom@...omium.org>
> > Cc: Mandeep Baines <msb@...omium.org>
> > Cc: Greg KH <greg@...ah.com>
> > Cc: Jens Axboe <axboe@...nel.dk>
> > Cc: Theodore Tso <tytso@...gle.com>
> > Cc: Andrew Morton <akpm@...gle.com>
> > Cc: <linux-usb@...r.kernel.org>
> > Cc: <linux-kernel@...r.kernel.org>
> > Cc: Alexander Viro <viro@...iv.linux.org.uk>
> > Cc: <linux-fsdevel@...r.kernel.org>
> > Cc: <stable@...nel.org>
> > ---
> >  fs/block_dev.c |    1 +
> >  1 files changed, 1 insertions(+), 0 deletions(-)
> >
> > diff --git a/fs/block_dev.c b/fs/block_dev.c
> > index afe74dd..322cd05 100644
> > --- a/fs/block_dev.c
> > +++ b/fs/block_dev.c
> > @@ -110,6 +110,7 @@ void invalidate_bdev(struct block_device *bdev)
> >        * But, for the strange corners, lets be cautious
> >        */
> >       cleancache_flush_inode(mapping);
> > +     mapping->backing_dev_info = &default_backing_dev_info;
> >  }
> >  EXPORT_SYMBOL(invalidate_bdev);
>
> What ever happened to this patch?  Is it still needed?  Can you still
> reproduce the problem on Linus's tree and older kernels?
>


Never heard anything back.  Ted supplied a partial fix in 3.2.6 (I
believe) for just the ext4 file system. Who should I follow up with?
Thanks,
Paul
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ