lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20130213230511.GW14195@fieldses.org> Date: Wed, 13 Feb 2013 18:05:11 -0500 From: "J. Bruce Fields" <bfields@...ldses.org> To: Anand Avati <anand.avati@...il.com> Cc: Theodore Ts'o <tytso@....edu>, Bernd Schubert <bernd.schubert@...m.fraunhofer.de>, sandeen@...hat.com, linux-nfs@...r.kernel.org, linux-ext4@...r.kernel.org, gluster-devel@...gnu.org Subject: Re: [Gluster-devel] regressions due to 64-bit ext4 directory cookies On Wed, Feb 13, 2013 at 02:57:13PM -0800, Anand Avati wrote: > On Wed, Feb 13, 2013 at 2:47 PM, Theodore Ts'o <tytso@....edu> wrote: > > > On Wed, Feb 13, 2013 at 05:41:41PM -0500, J. Bruce Fields wrote: > > > > What if we have an ioctl or a process personality flag where a broken > > > > application can tell the file system "I'm broken, please give me a > > > > degraded telldir/seekdir cookie"? That way we don't penalize programs > > > > that are doing the right thing, while providing some accomodation for > > > > programs who are abusing the telldir cookie. > > > > > > Yeah, if there's a simple way to do that, maybe it would be worth it. > > > > Doing this as an ioctl which gets called right after opendir, i.e > > (ignoring error checking): > > > > DIR *dir = opendir("/foo/bar/baz"); > > ioctl(dirfd(dir), EXT4_IOC_DEGRADED_READDIR, 1); > > ... > > > > should be quite easy. It would be a very ext3/4 specific thing, > > though. > > > That would work, even though it would be ext3/4 specific. What is the > recommended programmatic way to detect if the file is on ext3/4 -- we would > not want to attempt that blindly on a non-ext3/4 FS as the numerical value > of EXT4_IOC_DEGRADED_READDIR might get interpreted in dangerous ways? We must have been through this before, but: is the only way to generate a collision-free readdir cookie really to use a larger hash? Would it be possible to make something work like, for example, a 31-bit hash plus an offset into a hash bucket? I have trouble thinking about this, partly because I can't remember where to find the requirements for readdir on concurrently modified directories.... --b. -- To unsubscribe from this list: send the line "unsubscribe linux-ext4" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists