lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Fri, 05 Dec 2014 11:29:03 +0300
From:	Dmitry Monakhov <dmonakhov@...nvz.org>
To:	Jeremiah Mahler <jmmahler@...il.com>,
	Stephen Rothwell <sfr@...b.auug.org.au>
Cc:	linux-next@...r.kernel.org, linux-kernel@...r.kernel.org,
	Theodore Ts'o <tytso@....edu>
Subject: Re: linux-next: Tree for Dec 4

Jeremiah Mahler <jmmahler@...il.com> writes:

> all,
>
> On Thu, Dec 04, 2014 at 03:34:11PM -0800, Jeremiah Mahler wrote:
>> all,
>> 
>> On Thu, Dec 04, 2014 at 07:59:28PM +1100, Stephen Rothwell wrote:
>> > Hi all,
>> > 
>> > Changes since 20141203:
>> > 
> [...]
>> > 
>> > -- 
>> > Cheers,
>> > Stephen Rothwell                    sfr@...b.auug.org.au
>> > 
>> [...]
>> 
>> linux-next 20141204 is broken on all my machines, 20141203 worked fine.
>> 
>> They fail very early in the boot process and are unable to mount root.
>> There are lots of "ext4_check_descriptors: Checksum for group ...
>> failed" messages.
>> 
>> Any suggestions for where to start looking?
>> 
>> -- 
>> - Jeremiah Mahler
>
> I ran a bisect and found this patch to be faulty.
>
>   commit fdfe073987619ec375da8d8a2701ab271d1b1339
>   Author: Dmitry Monakhov <dmonakhov@...nvz.org>
>   Date:   Tue Dec 2 16:09:16 2014 -0500
>   
>       ext4: fix potential use after free during resize
>       
>       We need some sort of synchronization while updating ->s_group_desc
>       because there are a lot of users which can access old ->s_group_desc
>       array after it was released.
>       
>       Signed-off-by: Dmitry Monakhov <dmonakhov@...nvz.org>
>       Signed-off-by: Theodore Ts'o <tytso@....edu>
+       rcu_read_lock();
+       gd_bh = *rcu_dereference(sbi->s_group_desc) + group_desc;
+       rcu_read_unlock(); 
Yes this is true crap. The only question is how it passed xfstess?

>
> -- 
> - Jeremiah Mahler

Download attachment "signature.asc" of type "application/pgp-signature" (473 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ