lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 15 Apr 2009 14:10:08 -0500
From:	Eric Sandeen <sandeen@...hat.com>
To:	Chris Mason <chris.mason@...cle.com>
CC:	Jan Kara <jack@...e.cz>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	"Theodore Ts'o" <tytso@....edu>,
	Linux Kernel Developers List <linux-kernel@...r.kernel.org>,
	Ext4 Developers List <linux-ext4@...r.kernel.org>
Subject: Re: [PATCH RFC] ext3 data=guarded v3

Chris Mason wrote:
> Hello everyone,
> 
> Here is another version of the data=guarded work for ext3.  The main
> difference between this code and yesterday's is the guarded writepage
> function now sends any newly allocated block through the old data=ordered code.
> 
> This is important because at the time we're walking the buffers, the page
> may be unlocked, so we can't trust anything inside the page.  In general,
> any allocation done by writepage is to fill a hole, so the old data=ordered
> is what we want anyway.
> 
> This passed a longer stress test and generally seems to be working.  I
> don't think anyone would recommend it as a default for 2.6.30, but it
> may be a good idea to have a review party and decide if it is safe enough
> to include so people can experiment with it.

Chris, thanks for getting this going.  I think this is a great idea, as
it gives us most of the performance benefits of writeback without the
security issues.

I'm under the gun on some other deadlines at the moment so will have to
do a detailed review later, but this seems like a very good approach,
and in my testing it does indeed solve the the security problem of
writeback mode.

-Eric

> Overall diffstat of the series:
> 
>  fs/buffer.c                 |   45 ++-
>  fs/ext3/Makefile            |    3
>  fs/ext3/fsync.c             |   12
>  fs/ext3/inode.c             |  546 +++++++++++++++++++++++++++++++++++++++++++-
>  fs/ext3/namei.c             |    3
>  fs/ext3/ordered-data.c      |  318 +++++++++++++++++++++++++
>  fs/ext3/super.c             |   48 +++
>  fs/jbd/transaction.c        |    1
>  include/linux/buffer_head.h |    3
>  include/linux/ext3_fs.h     |   33 ++
>  include/linux/ext3_fs_i.h   |   44 +++
>  include/linux/ext3_fs_sb.h  |    6
>  include/linux/ext3_jbd.h    |   11
>  include/linux/jbd.h         |   10
>  mm/filemap.c                |    1
> 
> -chris
> 
> 
> --
> To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
> the body of a message to majordomo@...r.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html

--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ