| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <alpine.LSU.2.00.1201111639240.1833@eggly.anvils> Date: Wed, 11 Jan 2012 17:02:12 -0800 (PST) From: Hugh Dickins <hughd@...gle.com> To: Allison Henderson <achender@...ux.vnet.ibm.com> cc: linux-ext4@...r.kernel.org Subject: punch-hole should go beyond i_size Hi Allison, In thinking about fallocate() on tmpfs, I cross-check with ext4 and find this bug in its implementation of FALLOC_FL_PUNCH_HOLE: rm -f temp fallocate -l 4096 temp du temp # shows 4, right fallocate -p -l 4096 temp du temp # shows 0, right rm -f temp fallocate -n -l 4096 temp du temp # shows 4, right fallocate -p -l 4096 temp du temp # shows 4, wrong rm temp ext4_ext_punch_hole() contains /* No need to punch hole beyond i_size */ early return, and trimming to i_size below, but forgets that the other variety of fallocate(), with FALLOC_FL_KEEP_SIZE set, may have allocated blocks beyond i_size. They can be removed with ftruncate(), but it is unexpected for fallocate() not to undo its own work, and xfs does so. Hugh -- To unsubscribe from this list: send the line "unsubscribe linux-ext4" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists