On Feb 24, 2017, at 3:38 AM, Matthijs Möhlmann <matthijs@xxxxxxxxxxxx> wrote:
>
> Hello ext4 developers,
>
> I am trying to run a kernel with grsecurity with the size overflow
> protection and am getting the following warnings / errors:
>
> dmesg: http://pastebin.com/wr3UGLS9
> config: http://pastebin.com/sr8M9bP0
> mballoc.* (make fs/ext4/mballoc.o EXTRA_CFLAGS="-fdump-tree-all
> -fdump-ipa-all") http://filebin.ca/3DMIChVw9lQM/mballoc.tgz
>
> According to the grsecurity developers it seems to be a bug in ext4:
> https://forums.grsecurity.net/viewtopic.php?f=1&t=4678&p=16971

	pa->pa_pstart = ext4_grp_offs_to_block(sb, &ac->ac_b_ex);
	pa->pa_lstart = pa->pa_pstart;

pa_pstart is 64-bit, pa_lstart is 32-bit.  It isn't clear why pa_lstart isn't:

	pa->pa_lstart = ac->ac_b_ex.fe_logical;

as elsewhere in the code, but this _may_ be because the group prealloc is
for allocating multiple small files in the same group, so pa_lstart may not
make any sense as a per-file logical offset.

Cheers, Andreas

> The response from ephox (PAX team / grsecurity developer):
> --
> Thanks for the report. I think this is an upstream bug. Based on the
> runtime values provided by you, ext4_mb_new_group_pa() tries to store a
> value into pa->pa_lstart which is larger than UINT_MAX which comes from
> ext4_group_first_block_no().
> Could you please report it to the ext4 developers?
> --
>
> I'll try to answer all the questions but I'm not an expert in this area.
>
> I am also not subscribed to this mailing list so please keep me in the CC.
>
> Regards,
>
> Matthijs Möhlmann
>

Cheers, Andreas
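Added example, not part of the original thread and not ext4 code: a user-space model of the assignment discussed above, showing how a 64-bit physical block number loses its high bits when stored in a 32-bit logical field, next to a range check that reports the condition. The type, struct and function names and the filesystem geometry are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Illustrative stand-ins, not the kernel's definitions. */
typedef uint64_t fsblk_t; /* physical block number, 64-bit like pa_pstart */
typedef uint32_t lblk_t;  /* logical block number, 32-bit like pa_lstart */

struct prealloc {
    fsblk_t pstart;
    lblk_t lstart;
};

/* First block of a group: group * blocks_per_group + first_data_block. */
static fsblk_t group_first_block(uint32_t group, uint32_t blocks_per_group,
                                 uint32_t first_data_block)
{
    return (fsblk_t)group * blocks_per_group + first_data_block;
}

/* The pattern from the thread: a 64-bit value stored into a 32-bit field. */
static void set_pa_truncating(struct prealloc *pa, fsblk_t start)
{
    pa->pstart = start;
    pa->lstart = (lblk_t)pa->pstart; /* high 32 bits are silently dropped */
}

/* Checked store: refuse (and leave pa untouched) when the value cannot fit. */
static bool set_pa_checked(struct prealloc *pa, fsblk_t start)
{
    if (start > UINT32_MAX)
        return false;
    pa->pstart = start;
    pa->lstart = (lblk_t)start;
    return true;
}

int main(void)
{
    /* Constructed geometry: 32768 blocks per group, group 131072 starts at 2^32. */
    fsblk_t start = group_first_block(131072, 32768, 0) + 5;
    struct prealloc pa = {0};

    set_pa_truncating(&pa, start);
    printf("pstart=%llu lstart=%u\n", (unsigned long long)pa.pstart, pa.lstart);
    printf("checked store accepted: %d\n", set_pa_checked(&pa, start));
    return 0;
}
```

With 4 KiB blocks the constructed geometry corresponds to a filesystem larger than 16 TiB, which is where physical block numbers first exceed UINT_MAX.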