lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 23 Mar 2020 08:10:27 -0700 From: Jaegeuk Kim <jaegeuk@...nel.org> To: Joe Perches <joe@...ches.com> Cc: Chao Yu <yuchao0@...wei.com>, linux-f2fs-devel@...ts.sourceforge.net, linux-kernel@...r.kernel.org, chao@...nel.org Subject: Re: [PATCH v5] f2fs: fix potential .flags overflow on 32bit architecture On 03/23, Joe Perches wrote: > On Mon, 2020-03-23 at 11:18 +0800, Chao Yu wrote: > > f2fs_inode_info.flags is unsigned long variable, it has 32 bits > > in 32bit architecture, since we introduced FI_MMAP_FILE flag > > when we support data compression, we may access memory cross > > the border of .flags field, corrupting .i_sem field, result in > > below deadlock. > [] > > diff --git a/fs/f2fs/inode.c b/fs/f2fs/inode.c > [] > > @@ -362,7 +362,7 @@ static int do_read_inode(struct inode *inode) > > fi->i_flags = le32_to_cpu(ri->i_flags); > > if (S_ISREG(inode->i_mode)) > > fi->i_flags &= ~F2FS_PROJINHERIT_FL; > > - fi->flags = 0; > > + bitmap_zero(fi->flags, BITS_TO_LONGS(FI_MAX)); > > Sorry, I misled you here, this should be > > bitmap_zero(fi->flags, FI_MAX); Thanks, I applied this directly in the f2fs tree.
Powered by blists - more mailing lists