lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Sat, 18 Oct 2008 07:18:01 +0200
From:	Willy Tarreau <w@....eu>
To:	Peter Cordes <peter@...des.ca>
Cc:	Hugh Dickins <hugh@...itas.com>, Bodo Eggert <7eggert@....de>,
	David Newall <davidn@...idnewall.com>,
	Peter Zijlstra <peterz@...radead.org>,
	linux-kernel@...r.kernel.org,
	Christoph Hellwig <hch@...radead.org>,
	linux-mm <linux-mm@...ck.org>
Subject: Re: no way to swapoff a deleted swap file?

On Fri, Oct 17, 2008 at 09:31:17PM -0300, Peter Cordes wrote:
> On Fri, Oct 17, 2008 at 01:17:17PM +0100, Hugh Dickins wrote:
> > On Fri, 17 Oct 2008, Bodo Eggert wrote:
> > > 
> > > Somebody might want their swapfiles to have zero links,
> > > _and_ the possibility of doing swapoff.
> > 
> > You're right, they might, and it's not an unreasonable wish.
> > But we've not supported it in the past, and I still don't
> > think it's worth adding special kernel support for it now.
> 
>  I'd be inclined to agree with not bloating the kernel to support
> this, even though it would have been convenient for me in one case.  I
> do have an idea for supporting this without bloat, see below.  In case
> anyone wants more details about how I painted myself into that corner,
> here's the backstory to my feature request.

(...)
I have another idea which might be simpler to implement in userspace.
What happened to you is a typical accident, you did not run on purpose
on a deleted swap file. So we should at least ensure that such types
of accidents could not happen easily.

If swapon did set the immutable bit on a file just after enabling swap
to it, it would at least prevent accidental removal of that file. Swapoff
would have to clean that bit, and swapon would have to clean it upon
startup too (in case of unplanned reboots).

That way, you could still remove such files on purpose provided you do
a preliminary "chattr -i" on them, but "rm -rf" would keep them intact.
It would also prevent accidental modifications, such as "ls .>swapfile"
instead of "ls ./swapfile".

Regards,
Willy

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists