lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <MN2PR19MB316710380735D81840557886D4110@MN2PR19MB3167.namprd19.prod.outlook.com>
Date:   Sat, 8 Jun 2019 01:15:00 +0000
From:   Wang Shilong <wshilong@....com>
To:     Eric Biggers <ebiggers@...nel.org>
CC:     Wang Shilong <wangshilong1991@...il.com>,
        "linux-ext4@...r.kernel.org" <linux-ext4@...r.kernel.org>,
        "linux-f2fs-devel@...ts.sourceforge.net" 
        <linux-f2fs-devel@...ts.sourceforge.net>,
        Andreas Dilger <adilger@...ger.ca>
Subject: 回复: 回复: [f2fs-dev] [PATCH 1/2] ext4: only set project inherit bit for directory

Hi,


> You are right for this and we also need take care of this in EXT4_IOC_FSSETXATTR/
> this is a bit strange behavior as chattr read existed flags
> but could not set them again, there are several possible ways that I could think
> of to fix the issue?
>
> 1) change chattr to filter Project inherit bit before call FS_IOC_SETFLAGS
>
> 2) we automatically fixed the flag before mask check, something like:
> if reg:
>      flags &= ~PROJECT_INHERT;
>       if (ext4_mask_flags(inode->i_mode, flags) != flags)
>                 return -EOPNOTSUPP;
> But this might be not good..
>
> I would prefer solution 1)
> What do you think?

Existing versions of chattr can't be changed, and people don't necessarily
upgrade the kernel and e2fsprogs at the same time.  So (1) wouldn't really work.

A better solution might be to make FS_IOC_GETFLAGS and FS_IOC_FSGETXATTR never
return the project inherit flag on regular files.

- Eric

>>>>>>

How about fix it in  __ext4_iget():

  ei->i_flags = le32_to_cpu(raw_inode->i_flags);
  if (S_ISREG(inode->i_mode))
       ei->i_flags &= ~EXT4_PROJINHERIT_FL;

This way will give a big chance flag will be automatically fixed
next time whenever inode is dirtied.

Thanks,
Shilong

Powered by blists - more mailing lists