[SRU][T][PATCH 0/1] CVE-2016-10741 - Local DoS in XFS
Hui Wang
hui.wang at canonical.com
Tue Feb 19 12:56:58 UTC 2019
On 2019/2/19 8:48 PM, Tyler Hicks wrote:
> On 2019-02-19 19:32:56, Hui Wang wrote:
>> https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-10741.html
>>
>> In the Linux kernel before 4.9.3, fs/xfs/xfs_aops.c allows local users to
>> cause a denial of service (system crash) because there is a race condition
>> between direct and memory-mapped I/O (associated with a hole) that is
>> handled with BUG_ON instead of an I/O failure.
>>
>> This issue is only for trusty kernel. The original patch context is different
>> from the trusty kernel, I backported this patch rather than cherry-picked.
>>
>> I think the backport is safe since the logic is same as the original
>> patch (if there are both direct and mapped-IO access for a file at the same
>> time, don't BUG_ON() unconditionally, instead we will return EIO or
>> WARN_ON_ONCE() conditionally).
>>
>> building test pass.
>>
>> I generated an xfs filesystem based on a file (dd, mount and mkfs.xfs) and did
>> some basic file operations (generate a new file, write sth in
>> this file, read out from this file, delete this file), everything
>> works fine as before.
> Thanks for working on this fix. Would you be able to run the test
> mentioned in the commit message of the fix?
>
> https://git.kernel.org/pub/scm/fs/xfs/xfstests-dev.git/tree/tests/generic/095
>
> Thanks!
>
> Tyler
OK, will do the test.
>> Brian Foster (1):
>> xfs: don't BUG() on mixed direct and mapped I/O
>>
>> fs/xfs/xfs_aops.c | 21 ++++++++++++++++++++-
>> 1 file changed, 20 insertions(+), 1 deletion(-)
>>
>> --
>> 2.17.1