| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 30 Mar 2009 08:53:42 -0500 From: Eric Sandeen <sandeen@...hat.com> To: "Aneesh Kumar K.V" <aneesh.kumar@...ux.vnet.ibm.com> CC: Jan Kara <jack@...e.cz>, linux-ext4@...r.kernel.org, Andrew Morton <akpm@...ux-foundation.org> Subject: Re: [PATCH] ext3: Avoid false EIO errors Aneesh Kumar K.V wrote: > We do a vmtruncate if we failed to allocate blocks in > ext3_write_begin. That is done after the closing the current > transaction. If we crash in between (ie, after committing the > transaction allocating blocks and before committing the transaction that > is doing truncate) we would only have some data blocks leaking. But > that would be better than user seeing zero's in the file ?. Also if we > happen to add the inode to the orphan list and crash, the recovery would > truncate it properly. So by doing a vmtruncate I guess the window would be > small and we are already doing that in ext3_write_begin. I don't agree that leaking data blocks is better than exposing zeros... the former is a security flaw, the latter a (significant) annoyance. -Eric -- To unsubscribe from this list: send the line "unsubscribe linux-ext4" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists