* storing a value larger than UINT_MAX
@ 2017-02-24 10:38 Matthijs Möhlmann
2017-02-27 21:16 ` Andreas Dilger
0 siblings, 1 reply; 2+ messages in thread
From: Matthijs Möhlmann @ 2017-02-24 10:38 UTC (permalink / raw)
To: linux-ext4
Hello ext4 developers,
I am trying to run a kernel with grsecurity with the size overflow
protection and am getting the following warnings / errors:
dmesg: http://pastebin.com/wr3UGLS9
config: http://pastebin.com/sr8M9bP0
mballoc.* (make fs/ext4/mballoc.o EXTRA_CFLAGS="-fdump-tree-all
-fdump-ipa-all") http://filebin.ca/3DMIChVw9lQM/mballoc.tgz
According to the grsecurity developers it seems to be a bug in ext4:
https://forums.grsecurity.net/viewtopic.php?f=1&t=4678&p=16971
The response from ephox (PAX team / grsecurity developer):
--
Thanks for the report. I think this is an upstream bug. Based on the
runtime values provided by you, ext4_mb_new_group_pa() tries to store a
value into pa->pa_lstart which larger than UINT_MAX which comes from
ext4_group_first_block_no().
Could you please report it to the ext4 developers?
--
I'll try to answer all the questions but I'm not an expert in this area.
I am also not subscribed to this mailinglist so please keep me in the CC.
Regards,
Matthijs Möhlmann
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: storing a value larger than UINT_MAX
2017-02-24 10:38 storing a value larger than UINT_MAX Matthijs Möhlmann
@ 2017-02-27 21:16 ` Andreas Dilger
0 siblings, 0 replies; 2+ messages in thread
From: Andreas Dilger @ 2017-02-27 21:16 UTC (permalink / raw)
To: Matthijs Möhlmann; +Cc: linux-ext4
[-- Attachment #1: Type: text/plain, Size: 1674 bytes --]
On Feb 24, 2017, at 3:38 AM, Matthijs Möhlmann <matthijs@cacholong.nl> wrote:
>
> Hello ext4 developers,
>
> I am trying to run a kernel with grsecurity with the size overflow
> protection and am getting the following warnings / errors:
>
> dmesg: http://pastebin.com/wr3UGLS9
> config: http://pastebin.com/sr8M9bP0
> mballoc.* (make fs/ext4/mballoc.o EXTRA_CFLAGS="-fdump-tree-all
> -fdump-ipa-all") http://filebin.ca/3DMIChVw9lQM/mballoc.tgz
>
> According to the grsecurity developers it seems to be a bug in ext4:
> https://forums.grsecurity.net/viewtopic.php?f=1&t=4678&p=16971
pa->pa_pstart = ext4_grp_offs_to_block(sb, &ac->ac_b_ex);
pa->pa_lstart = pa->pa_pstart;
pa_pstart is 64-bit, pa_lstart is 32-bit. It isn't clear why pa_lstart isn't:
pa->pa_lstart = ac->ac_b_ex.fe_logical;
as elsewhere in the code, but this _may_ be because the group prealloc is
for allocating multiple small files in the same group, so pa_lstart may not
make any sense as a per-file logical offset.
Cheers, Andreas
> The response from ephox (PAX team / grsecurity developer):
> --
> Thanks for the report. I think this is an upstream bug. Based on the
> runtime values provided by you, ext4_mb_new_group_pa() tries to store a
> value into pa->pa_lstart which larger than UINT_MAX which comes from
> ext4_group_first_block_no().
> Could you please report it to the ext4 developers?
> --
>
> I'll try to answer all the questions but I'm not an expert in this area.
>
> I am also not subscribed to this mailinglist so please keep me in the CC.
>
> Regards,
>
> Matthijs Möhlmann
>
Cheers, Andreas
[-- Attachment #2: Message signed with OpenPGP --]
[-- Type: application/pgp-signature, Size: 195 bytes --]
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2017-02-28 2:31 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-02-24 10:38 storing a value larger than UINT_MAX Matthijs Möhlmann
2017-02-27 21:16 ` Andreas Dilger
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.