| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 20 Jun 2016 16:28:17 +0100 From: Al Viro <viro@...IV.linux.org.uk> To: Trond Myklebust <trondmy@...marydata.com> Cc: Oleg Drokin <green@...uxhacker.ru>, Fields Bruce <bfields@...hat.com>, linux-nfs list <linux-nfs@...r.kernel.org>, "<linux-kernel@...r.kernel.org> Mailing List" <linux-kernel@...r.kernel.org>, "<linux-fsdevel@...r.kernel.org>" <linux-fsdevel@...r.kernel.org> Subject: Re: NFS/d_splice_alias breakage On Mon, Jun 20, 2016 at 02:54:36PM +0000, Trond Myklebust wrote: > > > On Jun 20, 2016, at 10:08, Al Viro <viro@...iv.linux.org.uk> wrote: > > > > On Mon, Jun 20, 2016 at 09:25:12AM -0400, Oleg Drokin wrote: > >> It looks like this patch was totally forgotten? > >> I don't see it in neither vfs nor nfs trees and yet it fixes a very easy to cause > >> crash in nfs code. And I think it's unrelated to the other parallel case too. > > > > I assumed it would go through NFS tree, seeing that it's NFS-specific and > > has nothing to do with any of the recent VFS changes (oops is triggerable > > starting from 3.11); I can certainly put it through vfs.git, and there > > will be changes nearby, but this one should go into -stable as a separate > > patch. > > > > I’ll take it through the NFS tree. OK. It's really a -stable fodder, BTW - all you need to trigger that oops is a hashed negative dentry from earlier lookup + symlink created from another client + attempt to open from ours. Gets you d_splice_alias() (or d_materialise_unique() prior to 3.19) with hashed dentry and that triggers BUG_ON, leaving us with the parent directory locked.
Powered by blists - more mailing lists