lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <YTIZpijSZc+ykNUY@mit.edu>
Date:   Fri, 3 Sep 2021 08:48:38 -0400
From:   "Theodore Ts'o" <tytso@....edu>
To:     Dan Carpenter <dan.carpenter@...cle.com>
Cc:     Jan Kara <jack@...e.com>, linux-ext4@...r.kernel.org,
        linux-kernel@...r.kernel.org, kernel-janitors@...r.kernel.org
Subject: Re: [PATCH] ext2: do not sleep in ext2_error()

On Fri, Sep 03, 2021 at 12:05:38PM +0300, Dan Carpenter wrote:
> No one expects error logging functions to sleep so sometimes they are
> called with spinlocks held.  In this case the problematic call tree is:
> 
> ext2_statfs() <- disables preempt
> -> ext2_count_free_inodes()
>    -> ext2_get_group_desc()
>       -> ext2_error()
> 
> Signed-off-by: Dan Carpenter <dan.carpenter@...cle.com>
> ---
> This is just from static analysis.  NOT TESTED!
> 
> Probably a safer fix would be to just call pr_err() instead of
> ext2_error() in ext2_get_group_desc().  I can send that fix instead if
> people want.

Looking at both of the ext2_error() calls in ext2_get_group_desc(),
those are really more in the way of assertions rather than warning of
an on-disk corruption issue.  The second "group descriptor not loaded"
should never happen, and the "block_group >= groups_count" should have
been caught via an invalid block number or check by the caller (or an
outright code bug in say ext2_statfs().

So I suspect both of those would be more usefule as a WARN() rather
than a call to ext2_error(), since stack trace would actually provide
more useful data to root causing the issue.  Jan, what do you think?

     	    	    	 	 - Ted

P.S.  The same analysis applies for ext4_get_group_desc(), BTW.  We
don't take a lock in ext4_statfs() so trying to take a lock while
sleeping is not an issue.

For both ext2 and ext4, the caller is not supposed to holding spin
locks when it calls ext[24]_error().  In cases where it is absolutely
not avoidable, special measures are required --- see for example
__ext4_grp_locked_error().

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ