lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <a3065e3a-41eb-4f1f-9dfc-2051885da734@wdc.com>
Date: Tue, 7 Oct 2025 12:14:27 +0000
From: Johannes Thumshirn <Johannes.Thumshirn@....com>
To: Miquel Sabaté Solà <mssola@...ola.com>
CC: "linux-btrfs@...r.kernel.org" <linux-btrfs@...r.kernel.org>, "clm@...com"
	<clm@...com>, "dsterba@...e.com" <dsterba@...e.com>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] btrfs: fix memory leak when rejecting a non SINGLE data
 profile without an RST

On 10/7/25 2:04 PM, Miquel Sabaté Solà wrote:
> Johannes Thumshirn @ 2025-10-07 11:21 GMT:
>
>> On 10/7/25 1:05 PM, Miquel Sabaté Solà wrote:
>>
>>   Johannes Thumshirn @ 2025-10-07 10:13 GMT:
>>
>>
>>
>> Wouldn't it make more sense to only set "ret = -EINVAL" and run the rest
>> of the functions cleanup? I.e. with your patch the chunk_map isn't freed
>> as well.
>>
>>
>> The short answer is that I wanted to keep the patch as minimal as
>> possible while preserving the intent of the original code. From the
>> original code (see commit 5906333cc4af ("btrfs: zoned: don't skip block
>> group profile checks on conventional zones")), I get that the intent was
>> to return as early as possible, so to not go through all the if
>> statements below as they were not relevant on that case (that is, not
>> just the one you mention where the cache->physical_map is
>> freed). Falling through as you suggest would go into these if/else
>> blocks, which I don't think is what we want to do.
>>
>> But it still sounds good that we should probably also free the chunk map
>> as you say. Hence, maybe we could move the new "out_free:" label before
>> the `if (!ret)` block right above where I've put it now. This way we
>> ensure that the chunk map is freed, and we avoid going through the other
>> if/else blocks which the aforementioned commit wanted to avoid.
>>
>> No it really should only be ret = -EINVAL without any new labels AFAICS.
>>
>> 1)  the alloc_offset vs zone_capacity check is still usable
> I don't think so as the ret value will be changed from -EINVAL (as set
> from the previous if block) to -EIO. I believe that the intent from the
> aforementioned commit was to return an -EINVAL on this case.

I don't think this matters at all as there's still the error print above 
(for both cases).

And the check is very valuable, as it shows a discrepancy between the on 
disk representation and the in memory representation.

Especially a WP mismatch on a zoned drive is fatal.

> Maybe the reviewers from commit 5906333cc4af ("btrfs: zoned: don't skip
> block group profile checks on conventional zones") can shed some light
> into this...
>
>> 2) the check if we're post the WP is skipped as ret != 0
>>
>> 3) we're hitting the else path and freeing the chunk map.
>>
>>   As a last note, maybe for v2 I should add:
>>
>> Fixes: 5906333cc4af ("btrfs: zoned: don't skip block group profile checks on conventional zones")
>>
>> Correct
> My email client detected your email as an HTML one. Is that so? Just as
> a heads up for others as the reply format might look a bit funky :/

Yeah my mailsetup is a bit funky these days, I'm sorry.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ