Re: [PATCH 00/10] AXFS: Advanced XIP filesystem

From: Arnd Bergmann
Date: Fri Aug 22 2008 - 11:21:32 EST

Next message: Adrian Bunk: "[2.6 patch] sh: fix ptrace_64.c:user_disable_single_step()"
Previous message: Adrian Bunk: "[2.6 patch] sh64: re-add the __strnlen_user() prototype"
In reply to: Geert Uytterhoeven: "Re: [PATCH 00/10] AXFS: Advanced XIP filesystem"
Next in thread: Jared Hulbert: "Re: [PATCH 00/10] AXFS: Advanced XIP filesystem"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Friday 22 August 2008, Geert Uytterhoeven wrote:
> I gave AxFS a try on PS3 (ppc64, always use big-endian 64-bit for testing new
> code ;-).
> When mounting the image, I got the crash below:
>
> | attempt to access beyond end of device
> | loop0: rw=0, want=4920, limit=4912
> | Unable to handle kernel paging request for data at address 0x00000028

Offset 0x28 is buffer_head->b_data, so it seems like sb_bread returns NULL,
which it does for out of range block numbers. I guess axfs_copy_block
should check for that condition, as it can happen on malicious file system
images.
I agree that this is likely to get caused by an endianess bug.
A good help for finding endianess bugs is to use __be64 like data types
everywhere and test with sparse -D__CHECK_ENDIAN__.

Arnd
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Adrian Bunk: "[2.6 patch] sh: fix ptrace_64.c:user_disable_single_step()"
Previous message: Adrian Bunk: "[2.6 patch] sh64: re-add the __strnlen_user() prototype"
In reply to: Geert Uytterhoeven: "Re: [PATCH 00/10] AXFS: Advanced XIP filesystem"
Next in thread: Jared Hulbert: "Re: [PATCH 00/10] AXFS: Advanced XIP filesystem"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]