| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 14 Aug 2008 18:44:33 -0700 (PDT) From: david@...g.hm To: Theodore Tso <tytso@....edu> cc: Christoph Hellwig <hch@...radead.org>, Eric Paris <eparis@...hat.com>, tvrtko.ursulin@...hos.com, alan@...rguk.ukuu.org.uk, andi@...stfloor.org, Arjan van de Ven <arjan@...radead.org>, linux-kernel@...r.kernel.org, malware-list@...ts.printk.net, malware-list-bounces@...sg.printk.net, peterz@...radead.org, viro@...IV.linux.org.uk Subject: Re: [malware-list] TALPA - a threat model? well sorta. On Thu, 14 Aug 2008, Theodore Tso wrote: > On Thu, Aug 14, 2008 at 03:34:08PM -0400, Christoph Hellwig wrote: >> >> It's not used at all on regular files except for ext4 with a non-default, >> undocumented mount option. XFS will grow it soon in a similar way as ext4, >> except that it will be documented or I might have even figured out by >> then how to just enabled it from nfsd. > > We do need a standardized way of enabling it (since it does cost you > something in performance, so not everyone will want it on), and a > standardized way of reading i_version out to userspace. Maybe a mount > option is the right way to do it, maybe not. > > We may want to take this to the linux-fs list and try to get > agreements on these points; the main reason why it's not enabled by > default in ext4 is because the NFSv4 advanced caching code is in > common use (is it even in mainline)? could you do something like defining a namespace inside posix attributes and then setting up a mechanism in the kernel to alert if the attributes change (with the entire namespace getting cleared if the file gets dirtied)? this would have the advantage of storing the clean/dirty state in a known location on the filesystem (you would need to enable posix attributes, but that should be an acceptable limit), and would allow multiple scanners (virii, indexing, etc) to do their own thing at their own schedule when things get dirtied. the userspace library calls that open the files would be able to take care of the issue of deciding which of the configured scanners on a system should be called for each attribute that's not set on a file. This would seem to require minimal kernel support 1. reserve a attribute namespace 2. clear that namespace if the file is dirtied 3. provide a notification mechanism for programs to subscribe to that lists all files where the namespace was not already empty when the file was dirtied. everything else can be userspace. David Lang -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists