From: Arnd Bergmann <arnd@kernel.org>
To: Anton Altaparmakov <anton@tuxera.com>,
Kees Cook <keescook@chromium.org>,
Andrew Morton <akpm@linux-foundation.org>
Cc: Arnd Bergmann <arnd@arndb.de>,
linux-ntfs-dev@lists.sourceforge.net,
linux-kernel@vger.kernel.org
Subject: [PATCH] [RFC] ntfs: disable for 64KB because of stack overflow risk
Date: Mon, 27 Sep 2021 16:18:03 +0200 [thread overview]
Message-ID: <20210927141815.1711736-1-arnd@kernel.org> (raw)
From: Arnd Bergmann <arnd@arndb.de>
On ARM64 randconfig builds, we occasionally get warnings for NTFS:
fs/ntfs/aops.c: In function 'ntfs_write_mst_block':
fs/ntfs/aops.c:1328:1: error: the frame size of 2224 bytes is larger than 2048 bytes [-Werror=frame-larger-than=]
The problem here is that with 64KB pages, we get two arrays on the
stack that each have 128 pointers, for a total of 2KB. Before
the VLA change, this could already happen with 512-byte blocks,
however in practice NTFS should usually have 4KB blocks and not
be affected by this (see link).
Now the stack usage is always > 2KB on any architecture with 64KB
pages. Since both NTFS and 64KB page support are fairly rare,
we may get away with just marking the combination as disallowed
in Kconfig and see if anyone complains before we find a different
way to address it.
Fixes: ac4ecf968acb ("ntfs: aops: remove VLA usage")
Link: https://support.microsoft.com/en-us/help/140365/default-cluster-size-for-ntfs-fat-and-exfat
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
---
fs/ntfs/Kconfig | 1 +
fs/ntfs/aops.c | 3 +++
2 files changed, 4 insertions(+)
diff --git a/fs/ntfs/Kconfig b/fs/ntfs/Kconfig
index 1667a7e590d8..b770f0209b9c 100644
--- a/fs/ntfs/Kconfig
+++ b/fs/ntfs/Kconfig
@@ -2,6 +2,7 @@
config NTFS_FS
tristate "NTFS file system support"
select NLS
+ depends on !PAGE_SIZE_64KB && !ARM64_64K_PAGES
help
NTFS is the file system of Microsoft Windows NT, 2000, XP and 2003.
diff --git a/fs/ntfs/aops.c b/fs/ntfs/aops.c
index bb0a43860ad2..76d59bd4c1eb 100644
--- a/fs/ntfs/aops.c
+++ b/fs/ntfs/aops.c
@@ -914,6 +914,9 @@ static int ntfs_write_mst_block(struct page *page,
bool sync, is_mft, page_is_dirty, rec_is_dirty;
unsigned char bh_size_bits;
+ /* Two arrays of MAX_BUF_PER_PAGE on the stack risks an overrun with 64K pages */
+ BUILD_BUG_ON(PAGE_SIZE >= 65536);
+
if (WARN_ON(rec_size < NTFS_BLOCK_SIZE))
return -EINVAL;
--
2.29.2
next reply other threads:[~2021-09-27 14:18 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-09-27 14:18 Arnd Bergmann [this message]
2021-09-27 16:23 ` [PATCH] [RFC] ntfs: disable for 64KB because of stack overflow risk Kees Cook
2021-09-27 23:21 ` Anton Altaparmakov
2021-09-28 8:20 ` Arnd Bergmann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210927141815.1711736-1-arnd@kernel.org \
--to=arnd@kernel.org \
--cc=akpm@linux-foundation.org \
--cc=anton@tuxera.com \
--cc=arnd@arndb.de \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-ntfs-dev@lists.sourceforge.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).