lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sun, 17 Mar 2019 20:38:22 +0000 From: Al Viro <viro@...iv.linux.org.uk> To: Eric Biggers <ebiggers@...nel.org> Cc: linux-fscrypt@...r.kernel.org, linux-fsdevel@...r.kernel.org, linux-ext4@...r.kernel.org, linux-f2fs-devel@...ts.sourceforge.net, linux-mtd@...ts.infradead.org, linux-unionfs@...r.kernel.org, Sarthak Kukreti <sarthakkukreti@...omium.org>, Gao Xiang <gaoxiang25@...wei.com> Subject: Re: [PATCH 1/5] fscrypt: clean up and improve dentry revalidation On Sun, Mar 17, 2019 at 01:04:40PM -0700, Eric Biggers wrote: > + /* > + * Ciphertext name; valid if the directory's key is still unavailable. > + * > + * Note: since fscrypt forbids rename() on ciphertext names, it should > + * be safe to access ->d_parent directly here. No, it is not. Again, d_splice_alias() on buggered fs image picking a reference to your subdirectory when doing a lookup elsewhere. It can relocate the damn thing, without rename() being allowed for _anything_.
Powered by blists - more mailing lists