| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <b1f6ba08-6774-4be9-9e96-563f95e9ccdf@gmail.com> Date: Sat, 25 May 2019 00:21:11 +0200 From: Vicente Bergas <vicencb@...il.com> To: Al Viro <viro@...iv.linux.org.uk> Cc: <linux-fsdevel@...r.kernel.org>, <linux-kernel@...r.kernel.org> Subject: Re: d_lookup: Unable to handle kernel paging request On Wednesday, May 22, 2019 6:29:46 PM CEST, Al Viro wrote: > On Wed, May 22, 2019 at 05:44:30PM +0200, Vicente Bergas wrote: > ... > IOW, here we have also run into bogus hlist forward pointer or head - > same 0x1000000 in one case and 0x0000880001000000 in two others. > > Have you tried to see if KASAN catches anything on those loads? > Use-after-free, for example... Another thing to try: slap > WARN_ON(entry->d_flags & DCACHE_NORCU); > in __d_rehash() and see if it triggers. Hi, i have been running 3 days with KASAN enabled and also with diff a/fs/dcache.c b/fs/dcache.c @@ -2395,3 +2395,4 @@ static void __d_rehash(struct dentry *entry) struct hlist_bl_head *b = d_hash(entry->d_name.hash); + WARN_ON(entry->d_flags & DCACHE_NORCU); hlist_bl_lock(b); but the issue has not appeared again. Next week i will try -rc2 without KASAN and with WARN_ON and see if it triggers. Regards, Vicenç.
Powered by blists - more mailing lists