Re: [PATCH v3 3/3] btrfs: Avoid live-lock in search_ioctl() on hardware with sub-page faults

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Wed, Apr 06, 2022 at 07:09:22PM +0100, Catalin Marinas wrote:
> Commit a48b73eca4ce ("btrfs: fix potential deadlock in the search
> ioctl") addressed a lockdep warning by pre-faulting the user pages and
> attempting the copy_to_user_nofault() in an infinite loop. On
> architectures like arm64 with MTE, an access may fault within a page at
> a location different from what fault_in_writeable() probed. Since the
> sk_offset is rewound to the previous struct btrfs_ioctl_search_header
> boundary, there is no guaranteed forward progress and search_ioctl() may
> live-lock.
> 
> Use fault_in_subpage_writeable() instead of fault_in_writeable() to
> ensure the permission is checked at the right granularity (smaller than
> PAGE_SIZE).
> 
> Signed-off-by: Catalin Marinas <catalin.marinas@xxxxxxx>
> Fixes: a48b73eca4ce ("btrfs: fix potential deadlock in the search ioctl")
> Reported-by: Al Viro <viro@xxxxxxxxxxxxxxxxxx>

Acked-by: David Sterba <dsterba@xxxxxxxx>
[Index of Archives]     [Linux Ext4 Filesystem]     [Union Filesystem]     [Filesystem Testing]     [Ceph Users]     [Ecryptfs]     [NTFS 3]     [AutoFS]     [Kernel Newbies]     [Share Photos]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux Cachefs]     [Reiser Filesystem]     [Linux RAID]     [NTFS 3]     [Samba]     [Device Mapper]     [CEPH Development]

  Powered by Linux