lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Thu, 21 Jun 2007 05:10:46 -0600
From:	Andreas Dilger <adilger@...sterfs.com>
To:	Jan Kara <jack@...e.cz>
Cc:	linux-ext4@...r.kernel.org, tytso@....edu
Subject: Re: ext2fs_block_iterate() on fast symlink

On Jun 21, 2007  11:54 +0200, Jan Kara wrote:
> On Thu 21-06-07 03:33:43, Andreas Dilger wrote:
> > > +	if (LINUX_S_ISCHR(inode.i_mode) || LINUX_S_ISBLK(inode.i_mode) ||
> > > +	    (LINUX_S_ISLNK(inode.i_mode) &&
> > > +	     ext2fs_inode_data_blocks(fs, &inode) == 0))
> > > +		return EXT2_ET_INVAL_INODE_TYPE;
> > 
> > I would prefer that we NOT continue to make fast symlinks conditional upon
> > the i_blocks count.  That causes problems if e.g. an EA block is present
> > (that would cause this blocks == 0 test to incorrectly fail), and may making
> > the check (blocks - !!i_file_acl) can still fail for other reasons where a
> > block is added to an inode (e.g. if we have larger EAs, etc).
>
>   Note that ext2fs_inode_data_blocks() subtract number of EA blocks, so it
> is equivalent to (blocks - !!i_file_acl). The function is supposed to
> return the number of real data blocks so the test should be fine even in
> future.

This is where I disagree.  We had a whole series of bugs in different places
when SELinux patched ext2/3 to allow EAs on symlinks (also breaking ext2/3
compatibility in the process), because fast symlink checking was based on
i_blocks and not i_size.  Then we fixed those bugs, but we are open to a
whole series of new bugs should any other blocks be assigned to an symlink.

> > I'd prefer to make this check "i_size < sizeof(i_block)" or similar, which
> > has always been true for fast symlinks, for every kernel that I have ever
> > seen.
>
>   Personally I don't mind much. If Ted finds this better, I'll change that.
> Maybe introducing some macro LINUX_S_ISFASTLNK() would be fine.

Ted, are you aware of any kernel that ever wrote a short symlink into an
external block?  Since it isn't possible to modify a symlink after it is
created (except adding an EA ;-) it should never be possible that a "slow"
symlink is shortened but left in the external block.

Cheers, Andreas
--
Andreas Dilger
Principal Software Engineer
Cluster File Systems, Inc.

-
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ