| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20060727191247.GA29166@infradead.org> Date: Thu, 27 Jul 2006 20:12:47 +0100 From: Christoph Hellwig <hch@...radead.org> To: Eric Sandeen <sandeen@...deen.net> Cc: Neil Brown <neilb@...e.de>, Andrew Morton <akpm@...l.org>, Theodore Tso <tytso@....edu>, jack@...e.cz, 20@...ingley.org, marcel@...tmann.org, linux-kernel@...r.kernel.org, sct@...hat.com, adilger@...sterfs.com Subject: Re: Bad ext3/nfs DoS bug On Thu, Jul 27, 2006 at 01:32:43PM -0500, Eric Sandeen wrote: > Neil Brown wrote: > >On Wednesday July 26, sandeen@...deen.net wrote: > > >>Hm, with this, ext3.ko has a new dependency on exportfs.ko. Is that > >>desirable/acceptable? > > > >Drat, you're right. > >No, I don't think that is what we want. > >I'll do it differently in a day or so. > > Would moving export_iget into fs/inode.c & exporting it from there be a > reasonable way to go? At least ext2 & ext3 both have this need (prevent > nfs access to special inodes) so putting the bulk of what they need for > get_dentry (i.e. export_iget) somewhere common seems like a decent > option to me. Nope. The right fix is to not make ext2/3 rely on export_iget at all. Please implement the proper export_operations instead, similar to e.g. xfs. export_iget is a horrible layering violation that needs to go away long-term, not move into core code. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists