| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 2 Apr 2019 16:24:25 -0400
From: Waiman Long <longman@...hat.com>
To: Jan Harkes <jaharkes@...cmu.edu>
Cc: Ingo Molnar <mingo@...nel.org>,
Peter Zijlstra <a.p.zijlstra@...llo.nl>,
Alexander Viro <viro@...iv.linux.org.uk>,
Pedro Cuadra Chamorro <pcuadrac@...cmu.edu>,
linux-kernel@...r.kernel.org
Subject: Re: fs/coda oops bisected to (925b9cd1b8) "locking/rwsem: Make owner
store task pointer of last owni
On 04/02/2019 03:17 PM, Jan Harkes wrote:
> On Sun, Mar 31, 2019 at 03:13:47PM -0400, Jan Harkes wrote:
>> On Sun, Mar 31, 2019 at 02:14:13PM -0400, Waiman Long wrote:
>>> One possibility is that there is a previous reference to the memory
>>> currently occupied by the spinlock. If the memory location is previously
>>> part of a rwsem structure and someone is still using it, you may get
>>> memory corruption.
>> Ah, I hadn't even thought of that possibility. Good, it will open up
> First of all, I have to thank you for your original patch because
> otherwise I probably would never have discovered that something was
> seriously wrong. Your patch made the problem visible.
>
> I ended up changing 'owner' to '_RET_IP_' and dumping the value of the
> clobbered coda inode spinlock and surrounding memory and found that the
> 'culprit' is in ext4_filemap_fault and despite it being in ext4, it is
> still a Coda specific problem.
It is good news that you have found the bug. However, I don't have
sufficient expertise in the filesystem and mm areas to give you
recommendation of what to do next.
Cheers,
Longman
Powered by blists - more mailing lists