| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <55E3F95C.8020909@cn.fujitsu.com> Date: Mon, 31 Aug 2015 14:51:08 +0800 From: Qu Wenruo <quwenruo@...fujitsu.com> To: Alexandru Moise <00moses.alexander00@...il.com> CC: <clm@...com>, <jbacik@...com>, <dsterba@...e.com>, <linux-btrfs@...r.kernel.org>, <linux-kernel@...r.kernel.org> Subject: Re: [PATCH] btrfs: Remove unneeded cast to s64 for qgroup rfer state Alexandru Moise wrote on 2015/08/31 09:32 +0300: > On Mon, Aug 31, 2015 at 09:44:49AM +0800, Qu Wenruo wrote: >>>> >From the perspective of users, qgroup's referenced or exclusive >>>> is negative,but user can not continue to write data! a workaround >>>> way is to cast u64 to s64 when doing qgroup reservation >>> >>> I am unable to reproduce this problem without his modification. >>> I could be wrong in reverting this, so I'm gonna CC Wang as well so >>> he is aware of this patch. >> >> The cast is a workaround for a quite old qgroup bug, which will >> cause excl/rfer overflow to minus. >> >> The remove of cast rfer/exel now is OK, as qgroup keeps maturing, >> especially after 4.2-rc1 rfer/exel will keep sane under most case >> (exception will be qgroup reassign and subvolume deletion, but will >> not case minus value even under than case). > > rfer/exel and reserved are all of type unsigned int, how exactly would > they overflow to minus? Due to qgroup bugs of course, In old implement, btrfs_find_all_roots() will not always find the correct roots. Causing quota to minus more bytes on existing qgroups. For example qg->rfer is 16K, btrfs_find_all_roots() think the qg previously own a 32K extent but not now, and qgroup accounting decides to decrease qg->rfer by 32K, now you get -16K, which is a super huge number if used as u64. > >> >> But I'm not a fan to remove it now. >> As qgroup still has a known huge bug for the qg->reserved part, we >> are aware of it and working on it actively. > > Can you tell me more about this known huge bug and how you can > reproduce it using the present implementation? > Check the fstest patch I submitted: https://patchwork.kernel.org/patch/7023301/ Btrfs qgroup has qgroup reserved space leak problem, and under some case, it can also overflow to minus.(I don't have a minus reproducer, but it already happened several times in my test environment) That's what we are fixing now, trying to make it public before 4.3-rc1. Thanks, Qu -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists