From: Dave Chinner <david@fromorbit.com>
To: Sheng Yong <shengyong1@huawei.com>
Cc: Greg KH <gregkh@linuxfoundation.org>, stable@vger.kernel.org
Subject: Re: [PATCH] xfs: remote attribute overwrite causes transaction overrun
Date: Mon, 4 May 2015 13:34:12 +1000 [thread overview]
Message-ID: <20150504033412.GC21261@dastard> (raw)
In-Reply-To: <5546CF40.1020809@huawei.com>
On Mon, May 04, 2015 at 09:45:36AM +0800, Sheng Yong wrote:
> CVE-2015-0274 is caused by commit e461fcb ("xfs: remote attribute
> lookups require the value length"), which was introduced in 3.11.
> It should have had nothing to do with 3.10-stable. However, when
> we checked 3.10, we found that this commit was check-picked from
> (maybe) the xfs tree. The patch ("xfs: remote attribute lookups
> require the value length") was also included in 3.10, and its
> commit is 7ae077802. So 3.10-stable is affected by the CVE.
So aparently it is needed if there is any bug exposed, which I can't
tell from the complete lack of information in the CVE about it.
Indeed, I originally found the problem on a CONFIG_XFS_DEBUG=y
kernel, which flags lots of issues that have no effect on run-time
behaviour of production systems. A transaction overrun does *not*
cause a production system to fail, so I'm really not sure that there
is a problem that needs to be fixed here.
Regardless of whether there is a bug to be fixed or not, what
regression testing have you done on your backport to ensure you
haven't introduced any new problems?
Cheers,
Dave.
--
Dave Chinner
david@fromorbit.com
prev parent reply other threads:[~2015-05-04 3:34 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-04-29 1:55 [RFC PATCH] xfs: remote attribute overwrite causes transaction overrun Sheng Yong
2015-04-29 1:55 ` [PATCH] " Sheng Yong
2015-04-29 7:43 ` Dave Chinner
2015-04-29 9:05 ` Sheng Yong
2015-05-02 18:36 ` Greg KH
2015-05-04 1:45 ` Sheng Yong
2015-05-04 3:34 ` Dave Chinner [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150504033412.GC21261@dastard \
--to=david@fromorbit.com \
--cc=gregkh@linuxfoundation.org \
--cc=shengyong1@huawei.com \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox