| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 16 Apr 2020 14:09:21 +0800
From: Ming Lei <ming.lei@...hat.com>
To: Luis Chamberlain <mcgrof@...nel.org>
Cc: axboe@...nel.dk, viro@...iv.linux.org.uk, bvanassche@....org,
gregkh@...uxfoundation.org, rostedt@...dmis.org, mingo@...hat.com,
jack@...e.cz, nstange@...e.de, akpm@...ux-foundation.org,
mhocko@...e.com, yukuai3@...wei.com, linux-block@...r.kernel.org,
linux-fsdevel@...r.kernel.org, linux-mm@...ck.org,
linux-kernel@...r.kernel.org, Omar Sandoval <osandov@...com>,
Hannes Reinecke <hare@...e.com>,
Michal Hocko <mhocko@...nel.org>,
syzbot+603294af2d01acfdd6da@...kaller.appspotmail.com
Subject: Re: [PATCH 2/5] blktrace: fix debugfs use after free
On Thu, Apr 16, 2020 at 01:47:50PM +0800, Ming Lei wrote:
> On Thu, Apr 16, 2020 at 05:25:24AM +0000, Luis Chamberlain wrote:
> > On Thu, Apr 16, 2020 at 10:10:36AM +0800, Ming Lei wrote:
> > > In theory, multiple partitions can be traced concurrently, but looks
> > > it never works, so it won't cause trouble for multiple partition trace.
> > >
> > > One userspace visible change is that blktrace debugfs dir name is switched
> > > to disk name from partition name in case of partition trace, will it
> > > break some utilities?
> >
> > How is this possible, its not clear to me, we go from:
> >
> > - q->debugfs_dir = debugfs_create_dir(kobject_name(q->kobj.parent),
> > - blk_debugfs_root);
> >
> > To this:
> >
> > + q->debugfs_dir = debugfs_create_dir(kobject_name(q->kobj.parent),
> > + blk_debugfs_root);
> >
> >
> > Maybe I am overlooking something.
>
> Your patch removes the blktrace debugfs dir:
>
> do_blk_trace_setup()
>
> - dir = debugfs_lookup(buts->name, blk_debugfs_root);
> - if (!dir)
> - bt->dir = dir = debugfs_create_dir(buts->name, blk_debugfs_root);
> -
>
> Then create blktrace attributes under the dir of q->debugfs_dir.
>
> However, buts->name could be one partition device name, but
> q->debugfs_dir has to be disk name.
>
> This change is visible to blktrace utilities.
Just test the 1st two patches via "blktrace /dev/sda2", follows the
result, so this way can't be accepted.
[root@...st-01 ~]# blktrace /dev/sda2
Thread 0 failed open /sys/kernel/debug/block/sda2/trace0: 2/No such file or directory
Thread 4 failed open /sys/kernel/debug/block/sda2/trace4: 2/No such file or directory
Thread 1 failed open /sys/kernel/debug/block/sda2/trace1: 2/No such file or directory
Thread 2 failed open /sys/kernel/debug/block/sda2/trace2: 2/No such file or directory
Thread 5 failed open /sys/kernel/debug/block/sda2/trace5: 2/No such file or directory
Thread 3 failed open /sys/kernel/debug/block/sda2/trace3: 2/No such file or directory
Thread 6 failed open /sys/kernel/debug/block/sda2/trace6: 2/No such file or directory
Thread 7 failed open /sys/kernel/debug/block/sda2/trace7: 2/No such file or directory
FAILED to start thread on CPU 0: 1/Operation not permitted
FAILED to start thread on CPU 1: 1/Operation not permitted
FAILED to start thread on CPU 2: 1/Operation not permitted
FAILED to start thread on CPU 3: 1/Operation not permitted
FAILED to start thread on CPU 4: 1/Operation not permitted
FAILED to start thread on CPU 5: 1/Operation not permitted
FAILED to start thread on CPU 6: 1/Operation not permitted
FAILED to start thread on CPU 7: 1/Operation not permitted
Thanks,
Ming
Powered by blists - more mailing lists