[SRU][T][PATCH 0/1] CVE-2016-10741 - Local DoS in XFS
Tyler Hicks
tyhicks at canonical.com
Tue Feb 19 12:48:44 UTC 2019
On 2019-02-19 19:32:56, Hui Wang wrote:
> https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-10741.html
>
> In the Linux kernel before 4.9.3, fs/xfs/xfs_aops.c allows local users to
> cause a denial of service (system crash) because there is a race condition
> between direct and memory-mapped I/O (associated with a hole) that is
> handled with BUG_ON instead of an I/O failure.
>
> This issue is only for trusty kernel. The original patch context is different
> from the trusty kernel, I backported this patch rather than cherry-picked.
>
> I think the backport is safe since the logic is same as the original
> patch (if there are both direct and mapped-IO access for a file at the same
> time, don't BUG_ON() unconditionally, instead we will return EIO or
> WARN_ON_ONCE() conditionally).
>
> building test pass.
>
> I generated a xfs filesytem based on a file (dd, mount and mkfs.xfs) and did
> some basic file operations (generate a new file, write sth in
> this file, read out from this file, delete this file), everthing
> works fine as before.
Thanks for working on this fix. Would you be able to run the test
mentioned in the commit message of the fix?
https://git.kernel.org/pub/scm/fs/xfs/xfstests-dev.git/tree/tests/generic/095
Thanks!
Tyler
>
> Brian Foster (1):
> xfs: don't BUG() on mixed direct and mapped I/O
>
> fs/xfs/xfs_aops.c | 21 ++++++++++++++++++++-
> 1 file changed, 20 insertions(+), 1 deletion(-)
>
> --
> 2.17.1
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
More information about the kernel-team
mailing list