ACK: [SRU][Focal][PATCH 0/1] CVE-2023-2269
Tim Gardner
tim.gardner at canonical.com
Mon Jul 31 14:30:00 UTC 2023
On 7/28/23 1:40 PM, Yuxuan Luo wrote:
> [Impact]
> A denial of service problem was found, due to a possible recursive
> locking scenario, resulting in a deadlock in table_clear in
> drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing
> sub-component.
>
> [Backport]
> Clean cherry pick.
>
> [Test]
> Tested against the following script to verify that the verity
> functionality is not broken and ioctl is still working as intended:
>
> ```bash
> IMG_SIZE=50M
> VERITY_DEV=''
> HASH_DEV=''
> TARGET_DIR=/mnt/dmtest
> ROOT_HASH=''
> PARAM=''
>
> # Prepare two loop devices
> truncate -s $IMG_SIZE verity.img hash.img
>
> losetup -f verity.img
> VERITY_DEV=$(sudo losetup -j verity.img | awk -F: '{print $1}')
> losetup -f hash.img
> HASH_DEV=$(sudo losetup -j hash.img | awk -F: '{print $1}')
>
> # Create the verity device
> ROOT_HASH=`veritysetup format $VERITY_DEV $HASH_DEV
> | tail -n 1
> | awk '{print $3}'`
> veritysetup create vroot $VERITY_DEV $HASH_DEV $ROOT_HASH
>
> # Reload the verity device
> PARAM=$(sudo dmsetup table | awk '{ret = $2 " " $3; print ret}')
> dmsetup suspend vroot
>
> # Expect this command to fail
> dmsetup reload vroot --table "$PARAM linear $VERITY_DEV 0"
> ```
>
> [Potential Regression]
> Expect low regression potential.
>
> Mike Snitzer (1):
> dm ioctl: fix nested locking in table_clear() to remove deadlock
> concern
>
> drivers/md/dm-ioctl.c | 7 ++++---
> 1 file changed, 4 insertions(+), 3 deletions(-)
>
Acked-by: Tim Gardner <tim.gardner at canonical.com>
--
-----------
Tim Gardner
Canonical, Inc
More information about the kernel-team
mailing list