| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 17 Dec 2018 00:56:55 +0100
From: Richard Weinberger <richard.weinberger@...il.com>
To: houtao1@...wei.com
Cc: linux-mtd@...ts.infradead.org,
David Woodhouse <dwmw2@...radead.org>,
LKML <linux-kernel@...r.kernel.org>,
stable <stable@...r.kernel.org>, boris.brezillon@...tlin.com
Subject: Re: [PATCH] jffs2: ensure wbuf_verify is valid before using it.
On Sat, Oct 20, 2018 at 2:06 PM Hou Tao <houtao1@...wei.com> wrote:
>
> Now MTD emulated by UBI volumn doesn't allocate wbuf_verify in
> jffs2_ubivol_setup(), because UBI can do the verifcation itself,
> so when CONFIG_JFFS2_FS_WBUF_VERIFY is enabled and a MTD device
> emulated by UBI volumn is used, a Oops will occur as show in the
> following trace:
>
> general protection fault: 0000 [#1] SMP KASAN PTI
> CPU: 6 PID: 404 Comm: kworker/6:1 Not tainted 4.19.0-rc8
> Workqueue: events_long delayed_wbuf_sync
> RIP: 0010:ubi_io_read+0x156/0x650
> Call Trace:
> ubi_eba_read_leb+0x57d/0xba0
> ubi_leb_read+0xe5/0x1b0
> gluebi_read+0x10c/0x1a0
> mtd_read+0x112/0x340
> jffs2_verify_write+0xef/0x440
> __jffs2_flush_wbuf+0x3fa/0x3540
> jffs2_flush_wbuf_gc+0x1b1/0x2e0
> process_one_work+0x58b/0x11e0
> worker_thread+0x8f/0xfe0
> kthread+0x2ae/0x3a0
> ret_from_fork+0x35/0x40
>
> Fix the problem by checking the validity of wbuf_verify before
> using it in jffs2_verify_write().
>
> Cc: stable@...r.kernel.org
> Fixes: 0029da3bf430 ("JFFS2: add UBI support")
> Signed-off-by: Hou Tao <houtao1@...wei.com>
Reviewed-by: Richard Weinberger <richard@....at>
BTW: Are you actually using glubi? It is on my list of things I'd like
to kill. :-)
--
Thanks,
//richard
Powered by blists - more mailing lists