Message-ID: <20241011032415.GC21877@frogsfrogsfrogs>
Date: Thu, 10 Oct 2024 20:24:15 -0700
From: "Darrick J. Wong" <djwong@...nel.org>
To: Chi Zhiling <chizhiling@....com>
Cc: cem@...nel.org, linux-xfs@...r.kernel.org, linux-kernel@...r.kernel.org,
	chizhiling <chizhiling@...inos.cn>
Subject: Re: [PATCH] xfs_logprint: Fix super block buffer interpretation issue

On Fri, Oct 11, 2024 at 11:08:10AM +0800, Chi Zhiling wrote:
> From: chizhiling <chizhiling@...inos.cn>
> 
> When using xfs_logprint to interpret the buffer of the super block, the
> icount will always be 6360863066640355328 (0x5846534200001000). This is
> because the offset of icount is incorrect, causing xfs_logprint to
> misinterpret the MAGIC number as icount.
> This patch fixes the offset value of the SB counters in xfs_logprint.
> 
> Before this patch:
> icount: 6360863066640355328  ifree: 5242880  fdblks: 0  frext: 0
> 
> After this patch:
> icount: 10240  ifree: 4906  fdblks: 37  frext: 0
> 
> Signed-off-by: chizhiling <chizhiling@...inos.cn>
> ---
>  logprint/log_misc.c | 8 ++++----
>  1 file changed, 4 insertions(+), 4 deletions(-)
> 
> diff --git a/logprint/log_misc.c b/logprint/log_misc.c
> index 8e86ac34..21da5b8b 100644
> --- a/logprint/log_misc.c
> +++ b/logprint/log_misc.c
> @@ -288,13 +288,13 @@ xlog_print_trans_buffer(char **ptr, int len, int *i, int num_ops)
>  			/*
>  			 * memmove because *ptr may not be 8-byte aligned
>  			 */
> -			memmove(&a, *ptr, sizeof(__be64));
> -			memmove(&b, *ptr+8, sizeof(__be64));

How did this ever work??  This even looks wrong in "Release_1.0.0".

> +			memmove(&a, *ptr + offsetof(struct xfs_dsb, sb_icount), sizeof(__be64));
> +			memmove(&b, *ptr + offsetof(struct xfs_dsb, sb_ifree), sizeof(__be64));

Why not do:

			struct xfs_dsb *dsb = *ptr;

			memcpy(&a, &dsb->sb_icount, sizeof(a));

or better yet, skip the indirection and do

			printf(_("icount: %llu  ifree: %llu  "),
					(unsigned long long)be64_to_cpu(dsb->sb_icount),
					(unsigned long long)be64_to_cpu(dsb->sb_ifree));

Hm?

--D

>  			printf(_("icount: %llu  ifree: %llu  "),
>  			       (unsigned long long) be64_to_cpu(a),
>  			       (unsigned long long) be64_to_cpu(b));
> -			memmove(&a, *ptr+16, sizeof(__be64));
> -			memmove(&b, *ptr+24, sizeof(__be64));
> +			memmove(&a, *ptr + offsetof(struct xfs_dsb, sb_fdblocks), sizeof(__be64));
> +			memmove(&b, *ptr + offsetof(struct xfs_dsb, sb_frextents), sizeof(__be64));
>  			printf(_("fdblks: %llu  frext: %llu\n"),
>  			       (unsigned long long) be64_to_cpu(a),
>  			       (unsigned long long) be64_to_cpu(b));
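
Review bot: the four added memmove() calls read at offsetof(struct xfs_dsb, sb_icount) through sb_frextents rather than in the first 32 bytes of *ptr, and nothing in the visible context compares those offsets against the len argument of xlog_print_trans_buffer(). Consider checking that len is at least offsetof(struct xfs_dsb, sb_frextents) + sizeof(__be64) before copying, and printing a short-buffer notice otherwise. The added lines also run past 80 columns, so wrapping the sizeof(__be64) argument onto a continuation line would match the surrounding code. Whatever form the field access ends up taking, the retained comment says *ptr may not be 8-byte aligned, so the values should still be copied into a local before be64_to_cpu().
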
> -- 
> 2.43.0
> 
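
The misread described in the commit message, reproduced as an added example that is not part of the original thread or of xfsprogs: a big-endian 64-bit read at offset 0 of a superblock buffer returns the magic number and block size, while a bounds-checked read at the field's offsetof() returns the counter. `struct demo_dsb`, `read_be64()` and the `sample` buffer are assumptions of this example; the struct is a simplified stand-in for `struct xfs_dsb` that names only the fields used here.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified stand-in for struct xfs_dsb (assumption of this example):
 * fields not needed here are lumped into pad[]. */
struct demo_dsb {
    uint32_t sb_magicnum;               /* "XFSB", big-endian on disk */
    uint32_t sb_blocksize;
    uint64_t sb_dblocks;
    uint8_t  pad[112];
    uint64_t sb_icount, sb_ifree, sb_fdblocks, sb_frextents;
};

/* Constructed sample: magic "XFSB", block size 0x1000, icount 10240 (0x2800). */
static const uint8_t sample[sizeof(struct demo_dsb)] = {
    'X', 'F', 'S', 'B', 0x00, 0x00, 0x10, 0x00,
    [offsetof(struct demo_dsb, sb_icount) + 6] = 0x28,
};

/* Bounds-checked big-endian 64-bit read that works on unaligned buffers.
 * Returns 0 on success, -1 if the field does not fit inside len bytes. */
static int read_be64(const uint8_t *buf, size_t len, size_t off, uint64_t *out)
{
    uint64_t v = 0;

    if (off > len || len - off < sizeof(v))
        return -1;
    for (size_t i = 0; i < sizeof(v); i++)
        v = (v << 8) | buf[off + i];
    *out = v;
    return 0;
}

int main(void)
{
    uint64_t wrong = 0, right = 0;

    /* Offset 0 is what the pre-patch code read as icount. */
    read_be64(sample, sizeof(sample), 0, &wrong);
    read_be64(sample, sizeof(sample),
              offsetof(struct demo_dsb, sb_icount), &right);
    printf("offset 0: %llu  offsetof(sb_icount): %llu\n",
           (unsigned long long)wrong, (unsigned long long)right);
    return 0;
}
```
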
