On Wed, 02 Mar 2022, Theodore Ts'o wrote: > [un]pin_user_pages_remote is dirtying pages without properly warning > the file system in advance. A related race was noted by Jan Kara in > 2018[1]; however, more recently instead of it being a very hard-to-hit > race, it could be reliably triggered by process_vm_writev(2) which was > discovered by Syzbot[2]. > > This is technically a bug in mm/gup.c, but arguably ext4 is fragile in > that if some other kernel subsystem dirty pages without properly > notifying the file system using page_mkwrite(), ext4 will BUG, while > other file systems will not BUG (although data will still be lost). > > So instead of crashing with a BUG, issue a warning (since there may be > potential data loss) and just mark the page as clean to avoid > unprivileged denial of service attacks until the problem can be > properly fixed. More discussion and background can be found in the > thread starting at [2]. > > [1] https://lore.kernel.org/linux-mm/20180103100430.GE4911@xxxxxxxxxxxxxx > [2] https://lore.kernel.org/r/Yg0m6IjcNmfaSokM@xxxxxxxxxx > > Reported-by: syzbot+d59332e2db681cf18f0318a06e994ebbb529a8db@xxxxxxxxxxxxxxxxxxxxxxxxx > Reported-by: Lee Jones <lee.jones@xxxxxxxxxx> > Signed-off-by: Theodore Ts'o <tytso@xxxxxxx> > Cc: stable@xxxxxxxxxx > --- > v4 - only changes to the commit description to eliminate some inaccuracies > and clarify the text. > > fs/ext4/inode.c | 27 ++++++++++++++++++++++++++- > 1 file changed, 26 insertions(+), 1 deletion(-) Thanks a bunch for sticking with this Ted. I've been following along with great interest. Sadly I am not in a position to provide a review. Just wanted to pop by and say thank you. -- Lee Jones [李琼斯] Principal Technical Lead - Developer Services Linaro.org │ Open source software for Arm SoCs Follow Linaro: Facebook | Twitter | Blog
