lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 23 Aug 2007 09:37:45 -0500
From:	Michael Halcrow <mhalcrow@...ibm.com>
To:	Ryusuke Konishi <konishi.ryusuke@....ntt.co.jp>
Cc:	moriai.satoshi@....ntt.co.jp,
	Andrew Morton <akpm@...ux-foundation.org>,
	ecryptfs-devel@...ts.sourceforge.net, linux-kernel@...r.kernel.org
Subject: Re: [Ecryptfs-devel] [PATCH] eCryptfs: fix possible fault in ecryptfs_sync_page

On Thu, Aug 23, 2007 at 04:42:59PM +0900, Ryusuke Konishi wrote:
> This will avoid a possible fault in ecryptfs_sync_page().

Acked-by: Michael Halcrow <mhalcrow@...ibm.com>

Note that there are other outstanding issues with eCryptfs on NFS. For
instance, prepare_write()/commit_write() have gone away in -mm,
leading to an oops when eCryptfs tries to call them directly, which is
well deserved, since eCryptfs really should not be doing that. Unionfs
has just two places where it calls vfs_read() and vfs_write()
respectively; eCryptfs is a bit more complex, with multiple write
paths that end up writing encrypted data and updating metadata in the
header. I am currently trying to find a way to convert everything over
to vfs_read() and vfs_write() in eCryptfs, in a way that does not
ultimately result in a kernel hang.

> In the function, eCryptfs calls sync_page() method of a lower 
> filesystem without checking its existence.  However, there 
> are many filesystems that don't have this method including
> network filesystems such as NFS, AFS, and so forth.
> They may fail when an eCryptfs page is waiting for lock.
> 
> Signed-off-by: Ryusuke Konishi <konishi.ryusuke@....ntt.co.jp>
> ---
>  fs/ecryptfs/mmap.c |    3 ++-
>  1 files changed, 2 insertions(+), 1 deletions(-)
> 
> diff --git a/fs/ecryptfs/mmap.c b/fs/ecryptfs/mmap.c
> index e4ab7bc..fd3f94d 100644
> --- a/fs/ecryptfs/mmap.c
> +++ b/fs/ecryptfs/mmap.c
> @@ -834,7 +834,8 @@ static void ecryptfs_sync_page(struct page *page)
>  		ecryptfs_printk(KERN_DEBUG, "find_lock_page failed\n");
>  		return;
>  	}
> -	lower_page->mapping->a_ops->sync_page(lower_page);
> +	if (lower_page->mapping->a_ops->sync_page)
> +		lower_page->mapping->a_ops->sync_page(lower_page);
>  	ecryptfs_printk(KERN_DEBUG, "Unlocking page with index = [0x%.16x]\n",
>  			lower_page->index);
>  	unlock_page(lower_page);
> 
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Splunk Inc.
> Still grepping through log files to find problems?  Stop.
> Now Search log events and configuration files using AJAX and a browser.
> Download your FREE copy of Splunk now >>  http://get.splunk.com/
> _______________________________________________
> eCryptfs-devel mailing list
> eCryptfs-devel@...ts.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/ecryptfs-devel
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ