lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Thu, 26 Aug 2010 14:27:54 +0200
From:	Jan Kara <jack@...e.cz>
To:	Andreas Dilger <adilger@...ger.ca>
Cc:	Jan Kara <jack@...e.cz>,
	Masayoshi MIZUMA <m.mizuma@...fujitsu.com>,
	Andreas Dilger <adilger.kernel@...ger.ca>,
	Andrew Morton <akpm@...ux-foundation.org>,
	linux-ext4 <linux-ext4@...r.kernel.org>
Subject: Re: [PATCH] [RESEND] ext3: set i_extra_isize of 11th inode

On Wed 25-08-10 17:39:11, Andreas Dilger wrote:
> On 2010-08-25, at 17:04, Jan Kara wrote:
> >> What size is the inode ? This problem happens if the size is larger than 128 byte. (I tested at 256 byte inode.)
> > 
> > Ah, that was the reason. Thanks. But looking at the implications, I'm a bit
> > reluctant to do the change you propose. If someone has a filesystem created
> > by old mkfs, he could suddently see corrupted xattrs in his lost+found
> > directory with the new kernel. Not that there would be a big chance this
> > happens but people run various strange environments...
> 
> The fix to e2fsck for this issue has been around for a long time, AFAIK.
> It was only needed in the kernel while the broken mke2fs was in wide use,
> and before a fixed e2fsck was available.
  I agree but rather old e2fsprogs are still in use and if a filesystem
created by these e2fsprogs would be (possibly on a different machine)
accessed by the new kernel it would see corrupted xattrs. I've looked at our
supported products (the oldest is currently SLES9 SP3) and it has e2fsprogs
1.38. This should be new enough. But RHEL3 which is also still supported
for another three years has e2fsprogs 1.32 so these are buggy. So I'd
rather be on the safe side and fix the bug by consistently refusing to
store extented attributes in inode for inodes <= EXT3_FIRST_INO + 1 as I
don't think that really costs us much...
								Honza
-- 
Jan Kara <jack@...e.cz>
SUSE Labs, CR
--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists