lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <ciw5ocj6io5q5p2tsv3sqpga2ff73eqwhlrrug4el63ggolcho@iviprrqsaemj>
Date: Wed, 2 Apr 2025 12:38:32 -0400
From: Kent Overstreet <kent.overstreet@...ux.dev>
To: Bharadwaj Raju <bharadwaj.raju777@...il.com>
Cc: linux-bcachefs@...r.kernel.org, shuah@...nel.org, 
	linux-kernel@...r.kernel.org, linux-kernel-mentees@...ts.linux.dev, 
	syzbot+c82cd2906e2f192410bb@...kaller.appspotmail.com
Subject: Re: [PATCH] bcachefs: don't call sleeping funcs when handling
 inconsistency errors

On Wed, Apr 02, 2025 at 10:03:10PM +0530, Bharadwaj Raju wrote:
> On Wed, Apr 2, 2025 at 9:47 PM Kent Overstreet
> <kent.overstreet@...ux.dev> wrote:
> >
> > On Wed, Apr 02, 2025 at 09:40:40PM +0530, Bharadwaj Raju wrote:
> > > In bch2_bkey_pick_read_device, we're in an RCU lock. So, we can't call
> > > any potentially-sleeping functions. However, we call bch2_dev_rcu,
> > > which calls bch2_fs_inconsistent in its error case. That then calls
> > > bch2_prt_print on a non-atomic printbuf, as well as uses the blocking
> > > variant of bch2_print_string_as_lines, both of which lead to calls to
> > > potentially-sleeping functions, namely krealloc with GFP_KERNEL
> > > and console_lock respectively.
> > >
> > > Give a nonzero atomic to the printbuf, and use the nonblocking variant
> > > of bch2_print_string_as_lines.
> >
> > Sorry, beat you to it :)
> >
> > You also missed the one the syzbot report actually hit -
> > bch2_inconsistent_error().
> 
> Oops, thank you.
> 
> If I'm not wrong, though, the bch2_print_string_as_lines
> still needs to be changed to bch2_print_string_as_lines_nonblocking?
> 
> In my testing that also produces the same BUG warning.
> 
> Should I make a patch for that?

Yeah, you're right - please do.

If you're feeling particularly adventurous - print_string_as_lines() is
a hack, I think we should be able to do something more robust by
skipping printk (that's where the 1k limit comes from) and calling
something lower level - that will require digging into the printk
codepath and finding lower level we can call.

I also just noticed that print_string_as_lines() needs to check for
being passed a NULL pointer - in case the printbuf memory allocation
fails. Want to get that one too?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ