lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 22 Feb 2012 08:10:42 -0800
From:	Linus Torvalds <torvalds@...ux-foundation.org>
To:	"H. Peter Anvin" <hpa@...or.com>
Cc:	Ian Kent <raven@...maw.net>, David Miller <davem@...emloft.net>,
	linux-kernel@...r.kernel.org, autofs@...r.kernel.org,
	Thomas Meyer <thomas@...3r.de>,
	Al Viro <viro@...iv.linux.org.uk>
Subject: Re: compat: autofs v5 packet size ambiguity - update

On Tue, Feb 21, 2012 at 10:02 PM, H. Peter Anvin <hpa@...or.com> wrote:
>
> Note that it's really rather unfortunate that this transmits the entire
> packet no matter what, which also means that the "len" field is actually
> completely and totally pointless.

Yes.

> I have mentioned in the past that I consider it a design mistake on my
> part to have used a pipe in the first place: it was "so easy", but
> required an extra read for no good reason, or padding to fixed size
> resulting in this problem.  The right thing really should have been to
> use a Unix datagram socket; these days using SOCK_SEQPACKET - that way
> the kernel would give you the right semantics by design.

Well, the kernel gives the right semantics for pipes too - writes are
guaranteed to be "atomic", so even in the presence of multiple writers
you can trivially do packetized data.

You just have to (a) add the length to the packet and (b) do the
length+packet write as a single write (which is limited to PIPE_SIZE -
4kB - for the atomicity guarantee).

If you don't have multiple concurrent writers without locking, the (b)
part falls away entirely, of course.

Yes, for the reader side you need to be able to handle the fact that
you can get more than one packet in one read() call, but sorting that
out isn't hard either.

But yeah, writing fixed-size data and then having a reader that reads
fixed-size data is just not a very good approach. It's doubly bad when
the "fixed size" isn't an explicit size that is documented in the
protocol, but depends on data structures.

                               Linus
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ