lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 24 Aug 2023 09:12:48 -0700
From:   "Darrick J. Wong" <djwong@...nel.org>
To:     cheng.lin130@....com.cn
Cc:     linux-xfs@...r.kernel.org, linux-kernel@...r.kernel.org,
        jiang.yong5@....com.cn, wang.liang82@....com.cn,
        liu.dong3@....com.cn
Subject: Re: [PATCH] xfs: introduce protection for drop nlink

On Thu, Aug 24, 2023 at 03:43:52PM +0800, cheng.lin130@....com.cn wrote:
> From: Cheng Lin <cheng.lin130@....com.cn>
> An dir nlinks overflow which down form 0 to 0xffffffff, cause the
> directory to become unusable until the next xfs_repair run.
> 
> Introduce protection for drop nlink to reduce the impact of this.
> And produce a warning for directory nlink error during remove.
> 
> Signed-off-by: Cheng Lin <cheng.lin130@....com.cn>
> ---
>  fs/xfs/xfs_inode.c | 16 +++++++++++++++-
>  1 file changed, 15 insertions(+), 1 deletion(-)
> 
> diff --git a/fs/xfs/xfs_inode.c b/fs/xfs/xfs_inode.c
> index 9e62cc5..536dbe4 100644
> --- a/fs/xfs/xfs_inode.c
> +++ b/fs/xfs/xfs_inode.c
> @@ -919,6 +919,15 @@ STATIC int xfs_iunlink_remove(struct xfs_trans *tp, struct xfs_perag *pag,
>  	xfs_trans_t *tp,
>  	xfs_inode_t *ip)
>  {
> +	xfs_mount_t     *mp;
> +
> +	if (VFS_I(ip)->i_nlink == 0) {
> +		mp = ip->i_mount;
> +		xfs_warn(mp, "%s: Deleting inode %llu with no links.",
> +			 __func__, ip->i_ino);
> +		return 0;
> +	}
> +
>  	xfs_trans_ichgtime(tp, ip, XFS_ICHGTIME_CHG);
> 
>  	drop_nlink(VFS_I(ip));

I'm not sure how nlink would ever get to 0xFFFFFFFF since the VFS won't
let a link count exceed s_max_links, and XFS sets that to 0x7FFFFFFF.
Unless, of course, you did that outside of Linux.

That said, why wouldn't you /pin/ the link count at -1U instead of
allowing it to overflow to zero?

Could you please take a look at this patch that's waiting in my
submission queue?

https://git.kernel.org/pub/scm/linux/kernel/git/djwong/xfs-linux.git/commit/?h=inode-repair-improvements&id=05f5a82efa6395c92038e18e008aaf7154238f27

--D

> @@ -2442,7 +2451,12 @@ STATIC int xfs_iunlink_remove(struct xfs_trans *tp, struct xfs_perag *pag,
>  	 */
>  	if (is_dir) {
>  		ASSERT(VFS_I(ip)->i_nlink >= 2);
> -		if (VFS_I(ip)->i_nlink != 2) {
> +		if (VFS_I(ip)->i_nlink < 2) {
> +			xfs_warn(ip->i_mount,
> +			"%s: Remove dir (inode %llu) with invalid links.",
> +				 __func__, ip->i_ino);
> +		}
> +		if (VFS_I(ip)->i_nlink > 2) {
>  			error = -ENOTEMPTY;
>  			goto out_trans_cancel;
>  		}
> -- 
> 1.8.3.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ