lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Sun, 28 Apr 2019 06:47:22 -0700
From:   Jaegeuk Kim <jaegeuk@...nel.org>
To:     Chao Yu <yuchao0@...wei.com>
Cc:     linux-f2fs-devel@...ts.sourceforge.net,
        linux-kernel@...r.kernel.org, chao@...nel.org, drosen@...gle.com
Subject: Re: [PATCH 1/2] f2fs: fix to avoid potential negative .f_bfree

On 04/26, Chao Yu wrote:
> When calculating .f_bfree value in f2fs_statfs(), sbi->unusable_block_count
> can be increased after the judgment condition, result in overflow of
> .f_bfree in later calculation. This patch fixes to use a temporary signed
> variable to save the calculation result of .f_bfree.
> 
> 	if (unlikely(buf->f_bfree <= sbi->unusable_block_count))
>  		buf->f_bfree = 0;
>  	else
> 		buf->f_bfree -= sbi->unusable_block_count;

Do we just need stat_lock for this?

> 
> Signed-off-by: Chao Yu <yuchao0@...wei.com>
> ---
>  fs/f2fs/super.c | 7 +++++--
>  1 file changed, 5 insertions(+), 2 deletions(-)
> 
> diff --git a/fs/f2fs/super.c b/fs/f2fs/super.c
> index 2376bb01b5c4..fcc9793dbc2c 100644
> --- a/fs/f2fs/super.c
> +++ b/fs/f2fs/super.c
> @@ -1216,6 +1216,7 @@ static int f2fs_statfs(struct dentry *dentry, struct kstatfs *buf)
>  	u64 id = huge_encode_dev(sb->s_bdev->bd_dev);
>  	block_t total_count, user_block_count, start_count;
>  	u64 avail_node_count;
> +	long long bfree;
>  
>  	total_count = le64_to_cpu(sbi->raw_super->block_count);
>  	user_block_count = sbi->user_block_count;
> @@ -1226,10 +1227,12 @@ static int f2fs_statfs(struct dentry *dentry, struct kstatfs *buf)
>  	buf->f_blocks = total_count - start_count;
>  	buf->f_bfree = user_block_count - valid_user_blocks(sbi) -
>  						sbi->current_reserved_blocks;
> -	if (unlikely(buf->f_bfree <= sbi->unusable_block_count))
> +
> +	bfree = buf->f_bfree - sbi->unusable_block_count;
> +	if (unlikely(bfree < 0))
>  		buf->f_bfree = 0;
>  	else
> -		buf->f_bfree -= sbi->unusable_block_count;
> +		buf->f_bfree = bfree;
>  
>  	if (buf->f_bfree > F2FS_OPTION(sbi).root_reserved_blocks)
>  		buf->f_bavail = buf->f_bfree -
> -- 
> 2.18.0.rc1

Powered by blists - more mailing lists