lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <c542e099-0404-be8e-ebeb-d4265d3204d6@nod.at>
Date:   Fri, 28 Oct 2016 19:07:26 +0200
From:   Richard Weinberger <richard@....at>
To:     Jörg Krause <joerg.krause@...edded.rocks>,
        linux-mtd@...ts.infradead.org
Cc:     dedekind1@...il.com, linux-kernel@...r.kernel.org,
        stable@...r.kernel.org, adrian.hunter@...el.com,
        ralph.sennhauser@...il.com, peda@...ntia.se
Subject: Re: [PATCH] ubifs: Fix regression in ubifs_readdir()

Jörg,

On 28.10.2016 18:19, Jörg Krause wrote:
> Hi,
> 
> On Fri, 2016-10-28 at 11:53 +0200, Richard Weinberger wrote:
>> Commit c83ed4c9dbb35 ("ubifs: Abort readdir upon error") broke
>> overlayfs support because the fix exposed an internal error
>> code to VFS.
>>
>> Reported-by: Peter Rosin <peda@...ntia.se>
>> Tested-by: Peter Rosin <peda@...ntia.se>
>> Reported-by: Ralph Sennhauser <ralph.sennhauser@...il.com>
>> Fixes: c83ed4c9dbb35 ("ubifs: Abort readdir upon error")
>> Cc: stable@...r.kernel.org
>> Signed-off-by: Richard Weinberger <richard@....at>
>> ---
>>  fs/ubifs/dir.c | 8 ++++++++
>>  1 file changed, 8 insertions(+)
>>
>> diff --git a/fs/ubifs/dir.c b/fs/ubifs/dir.c
>> index bd4a5e8ce441..ca16c5d7bab1 100644
>> --- a/fs/ubifs/dir.c
>> +++ b/fs/ubifs/dir.c
>> @@ -543,6 +543,14 @@ static int ubifs_readdir(struct file *file,
>> struct dir_context *ctx)
>>  
>>  	if (err != -ENOENT)
>>  		ubifs_err(c, "cannot find next direntry, error %d",
>> err);
>> +	else
>> +		/*
>> +		 * -ENOENT is a non-fatal error in this context, the
>> TNC uses
>> +		 * it to indicate that the cursor moved past the
>> current directory
>> +		 * and readdir() has to stop.
>> +		 */
>> +		err = 0;
>> +
>>  
>>  	/* 2 is a special value indicating that there are no more
>> direntries */
>>  	ctx->pos = 2;
> 
> I'm not sure if it's related to the issue reported by Peter Rosin and
> Ralph Sennhauser, but I am still getting a kernel panic using UBIFS
> with OverlayFS on Linux v4.9.0-rc2 with this patch applied:

Does reverting c83ed4c9dbb35 help?
And are you 100% sure you applied the fix?

Does the following WARN_ON() trigger?
diff --git a/fs/ubifs/dir.c b/fs/ubifs/dir.c
index ca16c5d7bab1..12ffc91f7ef8 100644
--- a/fs/ubifs/dir.c
+++ b/fs/ubifs/dir.c
@@ -554,6 +554,9 @@ static int ubifs_readdir(struct file *file, struct dir_context *ctx)

 	/* 2 is a special value indicating that there are no more direntries */
 	ctx->pos = 2;
+
+	WARN_ON(err);
+
 	return err;
 }


Thanks,
//richard

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ