lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <1171385896.6202.20.camel@localhost.localdomain>
Date:	Tue, 13 Feb 2007 08:58:16 -0800
From:	Dave Hansen <hansendc@...ibm.com>
To:	Andrew Morton <akpm@...ux-foundation.org>
Cc:	linux-kernel@...r.kernel.org, hch@...radead.org
Subject: Re: [PATCH 12/22] elevate write count files are open()ed

On Mon, 2007-02-12 at 21:11 -0800, Andrew Morton wrote:
> On Fri, 09 Feb 2007 14:53:37 -0800 Dave Hansen <hansendc@...ibm.com> wrote:
> 
> > diff -puN fs/file_table.c~14-24-tricky-elevate-write-count-files-are-open-ed fs/file_table.c
> > --- lxc/fs/file_table.c~14-24-tricky-elevate-write-count-files-are-open-ed	2007-02-09 14:26:54.000000000 -0800
> > +++ lxc-dave/fs/file_table.c	2007-02-09 14:26:54.000000000 -0800
> > @@ -209,8 +209,11 @@ void fastcall __fput(struct file *file)
> >  	if (unlikely(S_ISCHR(inode->i_mode) && inode->i_cdev != NULL))
> >  		cdev_put(inode->i_cdev);
> >  	fops_put(file->f_op);
> > -	if (file->f_mode & FMODE_WRITE)
> > +	if (file->f_mode & FMODE_WRITE) {
> >  		put_write_access(inode);
> > +		if(!special_file(inode->i_mode))
> > +			mnt_drop_write(mnt);
> > +	}
> >  	put_pid(file->f_owner.pid);
> >  	put_user_ns(file->f_owner.user_ns);
> >  	file_kill(file);
> > diff -puN fs/namei.c~14-24-tricky-elevate-write-count-files-are-open-ed fs/namei.c
> > --- lxc/fs/namei.c~14-24-tricky-elevate-write-count-files-are-open-ed	2007-02-09 14:26:54.000000000 -0800
> > +++ lxc-dave/fs/namei.c	2007-02-09 14:26:54.000000000 -0800
> > @@ -1548,8 +1548,17 @@ int may_open(struct nameidata *nd, int a
> >  			return -EACCES;
> >  
> >  		flag &= ~O_TRUNC;
> > -	} else if (IS_RDONLY(inode) && (flag & FMODE_WRITE))
> > -		return -EROFS;
> > +	} else if (flag & FMODE_WRITE) {
> > +		/*
> > +		 * effectively: !special_file()
> > +		 * balanced by __fput()
> > +		 */
> > +		error = mnt_want_write(nd->mnt);
> > +		if (error)
> > +			return error;
> > +		if (IS_RDONLY(inode))
> > +			return -EROFS;
> > +	}
> 
> yipes.  A new mount-wide spin_lock/unlock for each for-writing open() and close().
> Can we have a microbenchmark on this please?

Yeah, I'll schedule some dbench time on a NUMA machine.

> Are you sure that fget_light() and fput_light() don't accidentally bypass this
> new logic?

Pretty sure.  My code actually surrounds all of the permission() checks
in the VFS.  To even use fget, you had to get a fd at some point, and to
do that you have to go through open, where both the mount and normal
filesystem checks are.

Is there something particular you had in mind?

-- Dave

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ