| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ZbnYitvLz7sWi727@casper.infradead.org> Date: Wed, 31 Jan 2024 05:20:10 +0000 From: Matthew Wilcox <willy@...radead.org> To: Theodore Ts'o <tytso@....edu> Cc: Dave Chinner <david@...morbit.com>, syzbot <syzbot+cdee56dbcdf0096ef605@...kaller.appspotmail.com>, adilger.kernel@...ger.ca, chandan.babu@...cle.com, jack@...e.com, linux-ext4@...r.kernel.org, linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org, linux-xfs@...r.kernel.org, syzkaller-bugs@...glegroups.com Subject: Re: current->journal_info got nested! (was Re: [syzbot] [xfs?] [ext4?] general protection fault in jbd2__journal_start) On Tue, Jan 30, 2024 at 11:58:22PM -0500, Theodore Ts'o wrote: > Hmm, could XFS pre-fault target memory buffer for the bulkstat output > before starting its transaction? Alternatively, ext4 could do a save > of current->journal_info before starting to process the page fault, > and restore it when it is done. Both of these seem a bit hacky, and > the question is indeed, are there other avenues that might cause the > transaction context nesting, such that a more general solution is > called for? I'd suggest that saving off current->journal_info is risky because it might cover a real problem where you've taken a pagefault inside a transaction (eg ext4 faulting while in the middle of a transaction on the same filesystem that contains the faulting file). Seems to me that we shouldn't be writing to userspace while in the middle of a transaction. We could even assert that in copy_to_user()?
Powered by blists - more mailing lists