| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 6 Jan 2021 17:46:05 +0000
From: Russell King - ARM Linux admin <linux@...linux.org.uk>
To: Will Deacon <will@...nel.org>
Cc: Mark Rutland <mark.rutland@....com>,
linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org,
Theodore Ts'o <tytso@....edu>,
Andreas Dilger <adilger.kernel@...ger.ca>,
linux-ext4@...r.kernel.org
Subject: Re: Aarch64 EXT4FS inode checksum failures - seems to be weak memory
ordering issues
On Wed, Jan 06, 2021 at 05:20:34PM +0000, Will Deacon wrote:
> I've managed to reproduce the corruption on my AMD Seattle board (8x A57).
> I haven't had a chance to dig deeper yet, but here's the recipe which works
> for me:
>
> 1. I'm using GCC 4.9.4 simply to try to get as close as I can to rmk's
> setup. I don't know if this is necessary or not, but the toolchain is
> here:
>
> https://kernel.org/pub/tools/crosstool/files/bin/arm64/4.9.4/arm64-gcc-4.9.4-nolibc-aarch64-linux-gnu.tar.xz
>
> and I needed to pull down an old libmpfr to get cc1 to work:
>
> http://ports.ubuntu.com/pool/main/m/mpfr4/libmpfr4_3.1.2-1_arm64.deb
>
> 2. I build a 5.9 kernel with the config here:
>
> https://mirrors.edge.kernel.org/pub/linux/kernel/people/will/bugs/rmk/config-5.9.0
>
> and the resulting Image is here:
>
> https://mirrors.edge.kernel.org/pub/linux/kernel/people/will/bugs/rmk/Image-5.9.0
>
> 3. Using that kernel, I boot into a 64-bit Debian 10 filesystem and open a
> couple of terminals over SSH.
>
> 4. In one terminal, I run:
>
> $ while (true); do find /var /usr /bin /sbin -type f -print0 | xargs -0
> md5sum > /dev/null; echo 2 | sudo tee /proc/sys/vm/drop_caches; done
>
> (note that sudo will prompt you for a password on the first iteration)
>
> 5. In the other terminal, I run:
>
> $ while (true); do ./hackbench ; sleep 1; done
>
> where hackbench is built from:
>
> https://people.redhat.com/mingo/cfs-scheduler/tools/hackbench.c
>
> and compiled according to comment in the source code.
>
> With that, I see the following after ten seconds or so:
>
> EXT4-fs error (device sda2): ext4_lookup:1707: inode #674497: comm md5sum: iget: checksum invalid
>
> Russell, Mark -- does this recipe explode reliably for you too?
It took a couple of iterations of the find loop (4) here on a kernel
where I'd dropped BLK_WBT=y from my .config... whereas I wasn't able
to provoke it before. So running hackbench in parallel seems to
increase the probability.
I rebooted, set it going again, and on the first iteration it exploded
with ext4 inode checksum failure. And again on the following reboot.
So yes, it looks like you've found a way to more reliably reproduce
it.
--
RMK's Patch system: https://www.armlinux.org.uk/developer/patches/
FTTP is here! 40Mbps down 10Mbps up. Decent connectivity at last!
Powered by blists - more mailing lists