lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 17 Feb 2017 17:09:29 +0100
From:   Miklos Szeredi <mszeredi@...hat.com>
To:     Al Viro <viro@...iv.linux.org.uk>
Cc:     linux-unionfs@...r.kernel.org, linux-kernel@...r.kernel.org,
        linux-fsdevel@...r.kernel.org
Subject: [PATCH 0/9] overlay: fix inconsistency of ro file after copy-up

A file is opened for read-only, opened read-write (resulting in a copy up)
and modified.  The data read back from the the read-only fd will be stale
in this case (the read-only file descriptor still refers to the lower,
unmodified file).

This patchset fixes issues related to this corner case.  This is a
requirement from various parties for accepting overlayfs as a "POSIX"
filesystem.

When an operation (read, mmap, fsync) is done on an overlay fd opened
read-only that is referring to a lower file, check if it has been copied up
in the mean time.  If so, open the upper file and use that for the operation.

To make the performance impact minimal for non-overlay case, use a flag in
file->f_mode to indicate that this is an overlay file.

Git tree is here:

git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/vfs.git #overlay-ro-rw-fix

Miklos Szeredi (9):
  vfs: extract common parts of {compat_,}do_readv_writev()
  vfs: pass type instead of fn to do_{loop,iter}_readv_writev()
  vfs: use helpers for calling f_op->{read,write}_iter()
  vfs: intercept reads to overlay files
  mm: ovl: copy-up on MAP_SHARED
  mm: use helper for calling f_op->mmap()
  ovl: intercept mmap on overlay files
  vfs: use helper for calling f_op->fsync()
  vfs: intercept fsync on overlay files

 drivers/block/loop.c                   |   4 +-
 drivers/gpu/drm/i915/i915_gem_dmabuf.c |   2 +-
 drivers/gpu/drm/vgem/vgem_drv.c        |   2 +-
 fs/Makefile                            |   2 +-
 fs/aio.c                               |   4 +-
 fs/coda/file.c                         |   2 +-
 fs/open.c                              |   2 +
 fs/overlay_util.c                      |  77 +++++++++++++++++++++
 fs/read_write.c                        | 121 +++++++++++++--------------------
 fs/splice.c                            |   2 +-
 fs/sync.c                              |   2 +-
 include/linux/fs.h                     |  42 ++++++++++++
 include/linux/overlay_util.h           |  17 +++++
 ipc/shm.c                              |   4 +-
 mm/mmap.c                              |   5 +-
 mm/nommu.c                             |   4 +-
 mm/util.c                              |  22 ++++++
 17 files changed, 227 insertions(+), 87 deletions(-)
 create mode 100644 fs/overlay_util.c
 create mode 100644 include/linux/overlay_util.h

-- 
2.5.5

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ