[xenial,CVE-2015-8952,0/3] replace mbcache with mbcache2 for ext2/ext4

Message ID	20170909002556.23382-1-cascardo@canonical.com
Headers	show Return-Path: <kernel-team-bounces@lists.ubuntu.com> From: Thadeu Lima de Souza Cascardo <cascardo@canonical.com> To: kernel-team@lists.ubuntu.com Subject: [xenial CVE-2015-8952 0/3] replace mbcache with mbcache2 for ext2/ext4 Date: Fri, 8 Sep 2017 21:25:53 -0300 Message-Id: <20170909002556.23382-1-cascardo@canonical.com> Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" <kernel-team-bounces@lists.ubuntu.com>
Series	replace mbcache with mbcache2 for ext2/ext4 \| expand [xenial,CVE-2015-8952,0/3] replace mbcache with mbcache2 for ext2/ext4 [xenial,CVE-2015-8952,1/3] mbcache2: reimplement mbcache [xenial,CVE-2015-8952,2/3] ext2: convert to mbcache2 [xenial,CVE-2015-8952,3/3] ext4: convert to mbcache2

Message ID

20170909002556.23382-1-cascardo@canonical.com

Headers

From: Thadeu Lima de Souza Cascardo <cascardo@canonical.com>
To: kernel-team@lists.ubuntu.com
Subject: [xenial CVE-2015-8952 0/3] replace mbcache with mbcache2 for
	ext2/ext4
Date: Fri,  8 Sep 2017 21:25:53 -0300
Message-Id: <20170909002556.23382-1-cascardo@canonical.com>
Precedence: list
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
Errors-To: kernel-team-bounces@lists.ubuntu.com
Sender: "kernel-team" <kernel-team-bounces@lists.ubuntu.com>

Series

replace mbcache with mbcache2 for ext2/ext4 | expand

Message

Thadeu Lima de Souza Cascardo Sept. 9, 2017, 12:25 a.m. UTC

Third patch needed backport because of context due to commit
c6d5612f80923170dad06c04736984cc9bcc8568 ("ext4: lock the xattr block before checksuming it").

Removal of old mbcache was not included to minimize number of patches.

Jan Kara (3):
  mbcache2: reimplement mbcache
  ext2: convert to mbcache2
  ext4: convert to mbcache2

 fs/Makefile              |   2 +-
 fs/ext2/ext2.h           |   3 +
 fs/ext2/super.c          |  25 ++--
 fs/ext2/xattr.c          | 143 +++++++++----------
 fs/ext2/xattr.h          |  21 +--
 fs/ext4/ext4.h           |   2 +-
 fs/ext4/super.c          |   7 +-
 fs/ext4/xattr.c          | 136 +++++++++---------
 fs/ext4/xattr.h          |   5 +-
 fs/mbcache2.c            | 359 +++++++++++++++++++++++++++++++++++++++++++++++
 include/linux/mbcache2.h |  50 +++++++
 11 files changed, 577 insertions(+), 176 deletions(-)
 create mode 100644 fs/mbcache2.c
 create mode 100644 include/linux/mbcache2.h

Comments

Stefan Bader Sept. 15, 2017, 9:33 a.m. UTC | #1

On 09.09.2017 02:25, Thadeu Lima de Souza Cascardo wrote:
> Third patch needed backport because of context due to commit
> c6d5612f80923170dad06c04736984cc9bcc8568 ("ext4: lock the xattr block before checksuming it").
> 
> Removal of old mbcache was not included to minimize number of patches.
> 
> Jan Kara (3):
>   mbcache2: reimplement mbcache
>   ext2: convert to mbcache2
>   ext4: convert to mbcache2
> 
>  fs/Makefile              |   2 +-
>  fs/ext2/ext2.h           |   3 +
>  fs/ext2/super.c          |  25 ++--
>  fs/ext2/xattr.c          | 143 +++++++++----------
>  fs/ext2/xattr.h          |  21 +--
>  fs/ext4/ext4.h           |   2 +-
>  fs/ext4/super.c          |   7 +-
>  fs/ext4/xattr.c          | 136 +++++++++---------
>  fs/ext4/xattr.h          |   5 +-
>  fs/mbcache2.c            | 359 +++++++++++++++++++++++++++++++++++++++++++++++
>  include/linux/mbcache2.h |  50 +++++++
>  11 files changed, 577 insertions(+), 176 deletions(-)
>  create mode 100644 fs/mbcache2.c
>  create mode 100644 include/linux/mbcache2.h
> 
It feels a bit excessive to fix that CVE by replacing one cache with another.
Also I noticed that in the bugzilla which gets referred to from the CVE data,
there are a couple of other changes around the drop of the old code. Those sound
at least like improving performance.

For that reason I would at least discuss this with Thadeu next week. And then
decide how to go on with this.

-Stefan