lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <200804101555.58643.mhocko@suse.cz>
Date:	Thu, 10 Apr 2008 15:55:58 +0200
From:	Michal Hocko <mhocko@...e.cz>
To:	Meelis Roos <mroos@...ux.ee>
Cc:	Linux Kernel list <linux-kernel@...r.kernel.org>,
	linux-fsdevel@...r.kernel.org
Subject: Re: file offset corruption on 32-bit machines?

[Adding fsdevel list]

On Tuesday 08 April 2008 10:05:47 am Meelis Roos wrote:
> Jeff Robertson analyzes the behaviour of different operating systems'
> 64-bit file offset implementation and concludes that on 32-bit
> machines, Linux and Solaris lack any locking to keep the two 32-bit
> halves in sync and this could cause rare file offset corruption.
>
> http://jeffr-tech.livejournal.com/21014.html

AFAICS, this race is theoretically possible, but it is very hard (almost 
impossible) to trigger with a sane file usage pattern. 
Note that you have to access shared struct file (same file descriptor) in 
different threads which should be synchronized by caller anyway (*).

I also don't see any security implications from this race, but maybe someone 
with more knowlage about fs can see (f_pos is used at many places in the 
kernel code).

I think that it is better to live with tiny-race-on-broken-patterns rather 
than paying for synchronization which is not needed for correct paths. 

[*] file_pos_{read,write} (fs/read_write.c) are not called under lock (in 
sys_read, sys_write, ...), so even if f_pos is written atomically, you will 
be able to get races when accessing shared descriptor from different threads.
I think that POSIX states, that behavior is undefined under these conditions.

Best regards
-- 
Michal Hocko
SUSE LINUX s.r.o.
Lihovarska 1060/12
190 00 Praha 9    
Czech Republic 
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ