Message-ID: <31800f57-2fd5-4e9b-a301-36a67ba27210@gmail.com>
Date: Tue, 25 Mar 2025 22:30:19 +0530
From: Purva Yeshi <purvayeshi550@...il.com>
To: Al Viro <viro@...iv.linux.org.uk>
Cc: Dave Kleikamp <shaggy@...nel.org>, jfs-discussion@...ts.sourceforge.net,
 linux-kernel@...r.kernel.org,
 syzbot+219127d0a3bce650e1b6@...kaller.appspotmail.com
Subject: Re: [PATCH] fs: jfs: Avoid sleeping function call in softirq

On 22/03/25 20:05, Al Viro wrote:
> On Sat, Mar 22, 2025 at 07:51:34PM +0530, Purva Yeshi wrote:
>> Bug detected by Syzbot:
>> BUG: sleeping function called from invalid context in jfs_fsync
>>
>> Fix jfs_fsync() to avoid sleeping in softirq/atomic, preventing crash.
>> Skip execution in softirq/atomic and return -EWOULDBLOCK to prevent issues.
>> Correct generic_file_fsync() call to pass the required arguments properly.
> 
> _ANY_ ->fsync() instance may sleep; adding that bandaid in jfs one does
> not fix anything - the really bug is whatever leads to having that
> *called* in such conditions (e.g. having an unbalanced spin_lock()
> somewhere, etc.)
> 
> NAK.

Thanks for the review. Based on your feedback, I have analyzed the call 
path leading to fsync() being invoked in an invalid context. The issue 
arises because generic_write_sync() is being called inside 
dio_complete(), which can be triggered from dio_bio_end_aio().

dio_bio_end_aio() executes as a bio completion handler, which may run in 
a SoftIRQ context. If dio_complete() is called directly (without 
deferring), generic_write_sync() gets executed within SoftIRQ, which is 
problematic since fsync() (invoked later) may sleep.
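The context problem the reply describes, as an added user-space C illustration that is not part of this thread and not the kernel's own dio or jfs code: a completion handler that runs in softirq context must not call anything that may sleep, so the sleeping part is handed to a worker that runs in process context. The names here (in_softirq_ctx, might_sleep_check, fake_fsync, queue_work, bio_end_inline, bio_end_deferred) are hypothetical stand-ins for the kernel's in_softirq()/might_sleep(), an ->fsync() instance, a workqueue and the two completion paths; the violation counter plays the role of the "sleeping function called from invalid context" report that syzbot produced.

```c
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical stand-in for in_softirq(): true while a simulated
 * bio completion handler is running. */
static bool in_softirq_ctx = false;
/* Counts entries into a sleeping function from softirq context, the
 * condition a real kernel reports as "sleeping function called from
 * invalid context". */
static int might_sleep_violations = 0;

/* Stand-in for might_sleep(): record the violation instead of warning. */
static void might_sleep_check(const char *who)
{
    if (in_softirq_ctx) {
        might_sleep_violations++;
        printf("BUG: sleeping function called from invalid context in %s\n", who);
    }
}

/* Stand-in for an ->fsync() instance; any real one may sleep. */
static int fake_fsync(void)
{
    might_sleep_check("fake_fsync");
    return 0;
}

/* Single-slot deferral queue standing in for a workqueue. */
typedef void (*work_fn)(void *arg);
static work_fn pending_fn = NULL;
static void *pending_arg = NULL;

static bool queue_work(work_fn fn, void *arg)
{
    if (pending_fn != NULL)
        return false;               /* slot already taken */
    pending_fn = fn;
    pending_arg = arg;
    return true;
}

/* Worker: runs queued work in process context, where sleeping is allowed. */
static void run_queued_work(void)
{
    in_softirq_ctx = false;
    if (pending_fn != NULL) {
        work_fn fn = pending_fn;
        void *arg = pending_arg;
        pending_fn = NULL;
        pending_arg = NULL;
        fn(arg);
    }
}

/* Simulated direct-I/O request and its completion state. */
struct dio {
    bool needs_sync;
    bool completed;
    int result;
};

/* Stand-in for the part of dio_complete() that may sleep
 * (generic_write_sync -> fsync). */
static void dio_complete_work(void *arg)
{
    struct dio *d = arg;
    d->result = fake_fsync();
    d->completed = true;
}

/* Buggy completion handler: syncs inline from softirq context. */
static void bio_end_inline(struct dio *d)
{
    in_softirq_ctx = true;
    dio_complete_work(d);
    in_softirq_ctx = false;
}

/* Fixed completion handler: defers the sleeping part when a sync is needed. */
static void bio_end_deferred(struct dio *d)
{
    in_softirq_ctx = true;
    if (d->needs_sync)
        queue_work(dio_complete_work, d);
    else
        d->completed = true;        /* nothing sleeps; finish inline */
    in_softirq_ctx = false;
}

/* Run one request through either path; return the violation count,
 * or -1 if the request never completed. */
static int simulate(bool defer)
{
    struct dio d = { .needs_sync = true, .completed = false, .result = -1 };
    might_sleep_violations = 0;
    pending_fn = NULL;
    if (defer)
        bio_end_deferred(&d);
    else
        bio_end_inline(&d);
    run_queued_work();              /* worker drains the queue */
    return d.completed ? might_sleep_violations : -1;
}

int main(void)
{
    printf("inline: %d violation(s)\n", simulate(false));
    printf("deferred: %d violation(s)\n", simulate(true));
    return 0;
}
```

The inline path reproduces the reported class of bug (one violation); the deferred path completes the same request with none, because the only code that sleeps runs after the worker has left softirq context. The check belongs in the completion path that decides whether to defer, not inside the ->fsync() implementation, which is the point of the NAK above.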
