lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 18 Mar 2013 19:13:14 +0900
From:	Jaegeuk Kim <jaegeuk.kim@...sung.com>
To:	Namjae Jeon <linkinjeon@...il.com>
Cc:	linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
	linux-f2fs-devel@...ts.sourceforge.net
Subject: Re: [PATCH] f2fs: fix not to allocate max_nid

2013-03-18 (월), 18:29 +0900, Namjae Jeon:
> 2013/3/18, Jaegeuk Kim <jaegeuk.kim@...sung.com>:
> > The build_free_nid should not add free nids over nm_i->max_nid.
> > But, there was a hole that invalid free nid was added by the following
> > scenario.
> >
> > Let's suppose nm_i->max_nid = 150 and the last NAT page has 100 ~ 200 nids.
> >
> > build_free_nids
> >   - get_current_nat_page loads the last NAT page
> >   - scan_nat_page can add 100 ~ 200 nids
> >     -> Bug here!
> > So, when scanning an NAT page, we should check each candidate whether it is
> > over max_nid or not.
> >
> > Signed-off-by: Jaegeuk Kim <jaegeuk.kim@...sung.com>
> > ---
> >  fs/f2fs/node.c | 2 ++
> >  1 file changed, 2 insertions(+)
> >
> > diff --git a/fs/f2fs/node.c b/fs/f2fs/node.c
> > index c60919f..3fb6dfe 100644
> > --- a/fs/f2fs/node.c
> > +++ b/fs/f2fs/node.c
> > @@ -1270,6 +1270,8 @@ static int scan_nat_page(struct f2fs_nm_info *nm_i,
> >  	i = start_nid % NAT_ENTRY_PER_BLOCK;
> >
> >  	for (; i < NAT_ENTRY_PER_BLOCK; i++, start_nid++) {
> > +		if (start_nid >= nm_i->max_nid)
> > +			return fcnt;
> Hi Jaegeuk.
> How about use "break;" instread of "return fcnt" ?
> I think that break is better because there is no extra condition before return.

Ok, thanks. :)

> 
> Thanks.
> >  		blk_addr  = le32_to_cpu(nat_blk->entries[i].block_addr);
> >  		BUG_ON(blk_addr == NEW_ADDR);
> >  		if (blk_addr == NULL_ADDR)
> > --
> > 1.8.1.3.566.gaa39828
> >
> > --
> > To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
> > the body of a message to majordomo@...r.kernel.org
> > More majordomo info at  http://vger.kernel.org/majordomo-info.html
> >
> --
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@...r.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/

-- 
Jaegeuk Kim
Samsung

Download attachment "signature.asc" of type "application/pgp-signature" (837 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ