lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <44D35DA0.4060403@redhat.com>
Date:	Fri, 04 Aug 2006 09:45:52 -0500
From:	Eric Sandeen <esandeen@...hat.com>
To:	Greg KH <gregkh@...e.de>
CC:	linux-kernel@...r.kernel.org, stable@...nel.org, torvalds@...l.org,
	Justin Forbes <jmforbes@...uxtx.org>,
	Zwane Mwaikambo <zwane@....linux.org.uk>,
	"Theodore Ts'o" <tytso@....edu>,
	Randy Dunlap <rdunlap@...otime.net>,
	Dave Jones <davej@...hat.com>,
	Chuck Wolber <chuckw@...ntumlinux.com>,
	Chris Wedgwood <reviews@...cw.f00f.org>, akpm@...l.org,
	alan@...rguk.ukuu.org.uk, jack@...e.cz, neilb@...e.de,
	Marcel Holtmann <marcel@...tmann.org>,
	"Stephen C. Tweedie" <sct@...hat.com>
Subject: Re: [patch 16/23] ext3: avoid triggering ext3_error on bad NFS file
 handle

Greg KH wrote:
> -stable review patch.  If anyone has any objections, please let us know.
> 
> ------------------
> From: Neil Brown <neilb@...e.de>
> 
> The inode number out of an NFS file handle gets passed eventually to
> ext3_get_inode_block() without any checking.  If ext3_get_inode_block()
> allows it to trigger an error, then bad filehandles can have unpleasant
> effect - ext3_error() will usually cause a forced read-only remount, or a
> panic if `errors=panic' was used.
> 
> So remove the call to ext3_error there and put a matching check in
> ext3/namei.c where inode numbers are read off storage.

This patch and the ext2 patch (23/23) are accomplishing the same thing in 2 
different ways, I think, and introducing unnecessary differences between ext2 
and ext3.  I'd personally prefer to see both ext2 and ext3 handled with the 
get_dentry op addition, and I'd be happy to quickly whip up the ext3 patch to do 
this if there's agreement on this path.

(there's nothing technically wrong with either approach, it just seems 
inconsistent to me).

Thanks,

-Eric
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ