lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 11 Jan 2012 17:02:12 -0800 (PST)
From:	Hugh Dickins <hughd@...gle.com>
To:	Allison Henderson <achender@...ux.vnet.ibm.com>
cc:	linux-ext4@...r.kernel.org
Subject: punch-hole should go beyond i_size

Hi Allison,

In thinking about fallocate() on tmpfs, I cross-check with ext4
and find this bug in its implementation of FALLOC_FL_PUNCH_HOLE:

rm -f temp
fallocate    -l 4096 temp
du temp				# shows 4, right
fallocate -p -l 4096 temp
du temp				# shows 0, right
rm -f temp
fallocate -n -l 4096 temp
du temp				# shows 4, right
fallocate -p -l 4096 temp
du temp				# shows 4, wrong
rm temp

ext4_ext_punch_hole() contains /* No need to punch hole beyond i_size */
early return, and trimming to i_size below, but forgets that the other
variety of fallocate(), with FALLOC_FL_KEEP_SIZE set, may have allocated
blocks beyond i_size.  They can be removed with ftruncate(), but it is
unexpected for fallocate() not to undo its own work, and xfs does so.

Hugh
--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ