Re: Reiserfs.c bug in 3.2-rc5
From: Jan Kara
Date: Tue Jan 03 2012 - 07:39:00 EST
Hell,
On Tue 03-01-12 09:31:22, Jorge Bastos wrote:
> > Yes, thanks! So we see that reiserfs_security_init() returned bogus
> > number 790797. This is caused by security_old_inode_init_security()
> > either returning some bogus number or setting sec->length to
> > something bogus. In any case it's some security module problem so
> > I'm adding Mimi Zohar who did the changes in this code recently to
> > CC. I'm also adding Rafael since this is a regression.
> >
> > Also I think he might use your kernel config so can you please send
> > it?
> > Thanks.
>
> Sure,
> Please grab it here:
>
> http://neotrix.decimal.pt/bugs/config-3.2-rc7.txt
>
> Let me know when the fix gets commited git master.
Thanks! So I've managed to reproduce the problem and I now understand
what is the problem. Commit 1e39f384bb01b0395b69cb70c2cacae65012f203 makes
security_old_inode_init_security() return 0 when CONFIG_SECURITY is not
set. But that makes caller such as reiserfs_security_init() assume that
security_old_inode_init_security() has set name, value, and len arguments
properly (which is IMO correct assumption). But they were left
uninitialized which makes things break in an interesting ways... The fix is
below.
Mimi, James, Linus, this patch fixes a regression from 3.1 and should make
it to 3.2 if possible.
Honza
----