lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Tue, 25 Dec 2012 23:45:32 -0500
From:	Theodore Ts'o <tytso@....edu>
To:	Chen Gang <gang.chen@...anux.com>
Cc:	jack@...e.cz, akpm@...ux-foundation.org, linux-ext4@...r.kernel.org
Subject: Re: [PATCH] fs/ext3: use kzalloc instead of kmalloc

On Wed, Dec 26, 2012 at 11:15:19AM +0800, Chen Gang wrote:
> 
>   checking the ext3_acl_size, it does not like what you said above.
>   but we can say, the design for ext3_acl_size is really not quit well.
>     (maybe can cause issue).

Ah, I see.  What's there is OK, but it's not at all obvious that it's
OK.  A valid acl must have a very specific order of tags, as enforced
by posix_acl_valid() in fs/posix_acl.c:

ACL_USER_OBJ ACL_USER*[1] ACL_GROUP_OBJ ACL_GROUP*[1] ACL_MASK[2] ACL_OTHER 

[1] Where * is the regexp sense of "0 or more times"
[2] Only if there is at least one ACL_USER or ACL_GROUP tag; otherwise
	skip ACL_MASK.

Hence, a valid acl can have at most 4 short acl entry types
(ACL_USER_OBJ, ACL_GROUP, ACL_MASK, and ACL_OTHER), and if there is
less than 4 acl entries, they must all be short acl types.

All I can say is, this is a horrible way of coding things, and I wish
this was documented explicitly somewhere either in fs/posix_acl.c or
in include/linux/posix_acl.h.  Yuck, yuck, yuck....

						- Ted
--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists