lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <1369385833-6852-1-git-send-email-vahram.martirosyan@linuxtesting.org>
Date:	Fri, 24 May 2013 13:57:12 +0500
From:	Vahram Martirosyan <vmartirosyan@...il.com>
To:	Dave Kleikamp <shaggy@...nel.org>
Cc:	Vahram Martirosyan <vahram.martirosyan@...uxtesting.org>,
	jfs-discussion@...ts.sourceforge.net, linux-kernel@...r.kernel.org,
	spruce-project@...uxtesting.org, Gu Zheng <guz.fnst@...fujitsu.com>
Subject: [PATCH 1/2] jfs: Several bugs in jfs_freeze() and jfs_unfreeze()

The mentioned functions do not pay attention to the error codes returned
by the functions updateSuper(), lmLogInit() and lmLogShutdown(). It brings to
system crash later when writing to log.

The patch adds corresponding code to check and return the error codes
and to print correct error messages in case of errors.

Besides that the lmLogShutdown() function must not be called when 'nointegrity' mount option is provided.
It leads to kernel OOPS.

Found by Linux File System Verification project (linuxtesting.org).

Signed-off-by: Vahram Martirosyan <vahram.martirosyan@...uxtesting.org>

Reviewed-by: Gu Zheng <guz.fnst@...fujitsu.com>
---
 fs/jfs/super.c | 29 ++++++++++++++++++++++-------
 1 file changed, 22 insertions(+), 7 deletions(-)

diff --git a/fs/jfs/super.c b/fs/jfs/super.c
index 2003e83..a3d424d 100644
--- a/fs/jfs/super.c
+++ b/fs/jfs/super.c
@@ -611,11 +611,20 @@ static int jfs_freeze(struct super_block *sb)
 {
 	struct jfs_sb_info *sbi = JFS_SBI(sb);
 	struct jfs_log *log = sbi->log;
+	int rc = 0;
 
 	if (!(sb->s_flags & MS_RDONLY)) {
 		txQuiesce(sb);
-		lmLogShutdown(log);
-		updateSuper(sb, FM_CLEAN);
+		rc = lmLogShutdown(log);
+		if (rc != 0) {
+			jfs_err("lmLogShutdown failed with return code %d", rc);
+			return rc;
+		}
+		rc = updateSuper(sb, FM_CLEAN);
+		if (rc != 0) {
+			jfs_err("updateSuper failed with return code %d", rc);
+			return rc;
+		}
 	}
 	return 0;
 }
@@ -627,11 +636,17 @@ static int jfs_unfreeze(struct super_block *sb)
 	int rc = 0;
 
 	if (!(sb->s_flags & MS_RDONLY)) {
-		updateSuper(sb, FM_MOUNT);
-		if ((rc = lmLogInit(log)))
-			jfs_err("jfs_unlock failed with return code %d", rc);
-		else
-			txResume(sb);
+		rc = updateSuper(sb, FM_MOUNT);
+		if (rc != 0) {
+			jfs_err("updateSuper failed with return code %d", rc);
+			return rc;
+		}
+		rc = lmLogInit(log);
+		if (rc != 0) {
+			jfs_err("lmLogInit failed with return code %d", rc);
+			return rc;
+		}
+		txResume(sb);
 	}
 	return 0;
 }
-- 
1.8.2.3

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ