lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Sat, 4 Jan 2014 15:52:14 -0500 (EST)
From:	Mikulas Patocka <mpatocka@...hat.com>
To:	John David Anglin <dave.anglin@...l.net>
cc:	Joonsoo Kim <iamjoonsoo.kim@....com>,
	Andi Kleen <ak@...ux.intel.com>,
	Christoph Lameter <cl@...ux.com>,
	Pekka Enberg <penberg@....fi>, linux-kernel@...r.kernel.org,
	linux-parisc@...r.kernel.org
Subject: Re: [PATCH] fix crash when using XFS on loopback



On Sat, 4 Jan 2014, John David Anglin wrote:

> On 4-Jan-14, at 2:55 PM, Mikulas Patocka wrote:
> 
> > On Sat, 4 Jan 2014, John David Anglin wrote:
> > 
> > > On 4-Jan-14, at 12:45 PM, Mikulas Patocka wrote:
> > > 
> > > > * flush_dcache_page asks for the list of userspace mappings, however
> > > > that
> > > > page->mapping field is reused by the slab subsystem for a different
> > > > purpose. This causes the crash.
> > > 
> > > I'd noticed the other day that the parisc implementation of
> > > flush_dcache_page()
> > > should return if "!mapping || mapping != page->mapping" is true.  This
> > > would
> > > have avoided crash.
> > > 
> > > Dave
> > 
> > I think no.
> > 
> > page_mapping returns NULL if the page has only anonymous mapping and it is
> > not placed in the swap cache. In this case, you need to flush the kernel
> > cache.
> 
> 
> The suggestion is to add the "mapping != page->mapping" to the current NULL
> check.
> It occurs after the kernel cache flush.

"if (!mapping || mapping != page->mapping) return;"
returns if the mapping is NULL (and that is wrong because the variable 
mapping is NULL for anonymous pages).

You could probably return "if (!mapping && !PageAnon(page))", but the 
other architectures aren't doing it.

> It doesn't seem right to flush the vma mappings associated with swap address
> space
> and that appears to be happening with current code.
>
> Dave
> --
> John David Anglin	dave.anglin@...l.net

I suppose that "vma_interval_tree_foreach" is empty operation for swap 
address space. Or isn't it?

Mikulas
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ