lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 24 May 2018 16:20:47 -0400
From:   "Theodore Y. Ts'o" <tytso@....edu>
To:     Andreas Dilger <adilger@...ger.ca>
Cc:     Ext4 Developers List <linux-ext4@...r.kernel.org>,
        wen.xu@...ech.edu, jannh@...gle.com
Subject: Re: [PATCH 1/3] ext4: do not allow external inodes for inline data

On Thu, May 24, 2018 at 10:51:21AM -0600, Andreas Dilger wrote:
> On May 23, 2018, at 9:37 AM, Theodore Ts'o <tytso@....edu> wrote:
> > 
> > The inline data feature was implemented before we added support for
> > external inodes for xattrs.  It makes no sense to support that
> > combination, but the problem is that there are a number of extended
> > attribute checks that are skipped if e_value_inum is non-zero.
> > 
> > Unfortunately, the inline data code is completely e_value_inum
> > unaware, and attempts to interpret the xattr fields as if it were an
> > inline xattr --- at which point, Hilarty Ensues.
> 
> I guess the separate question is whether this should also check for
> "inline data" in an external xattr block and disallow that also?
> On the one hand, "inline data" in an external block doesn't make
> sense - why not just store the data in a block directly?
> 
> On the other hand, this might be useful at some point in the future
> if we have large bigalloc chunks that makes using a whole chunk for
> a small file inefficient and we could pack the data from multiple
> small files into a single bigalloc chunk as inline data xattrs (maybeh
> using the inode number as xattr name to keep the xattrs unique)?

This would require fragment support and I really doubt we would ever
go there.

There's a larger question hiding here which is should we forbid
anything that we we would never encode.  In theory this we could
forbid storing inline data in an external xattr block.  But if we did
do this, the kernel would declare the file system to be corrupted, and
today e2fsck would say the file system is fine.  Even if we did add
the same check to e2fsck, it would mean that here would be file
systems that future kernels would reject which users running the
current versions of e2fsprogs would not be able to repair.

Given that storing inline data in an external xattr block is harmless
(albeit pointless), it's probably not worth it to forbid it.

		    	 	      	    - Ted

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ