| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20100216113759.GM3714@count0.beaverton.ibm.com> Date: Tue, 16 Feb 2010 03:37:59 -0800 From: Matt Helsley <matthltc@...ibm.com> To: Al Viro <viro@...IV.linux.org.uk> Cc: Matt Helsley <matthltc@...ibm.com>, linux-kernel@...r.kernel.org Subject: Re: [RFC][PATCH 0/4] Check O_* flags set with fcntl() on anon_inode files. On Mon, Feb 15, 2010 at 07:57:28PM +0000, Al Viro wrote: > On Mon, Feb 15, 2010 at 09:26:35AM -0800, Matt Helsley wrote: > > > > [PATCH 1/4] signalfd > > > > [PATCH 2/4] timerfd > > > > [PATCH 3/4] epoll > > > > [PATCH 4/4] eventfd > > > > > > > > I did not check the perf, kvm-vm, or kvm-vcpu uses of anon_inodes. > > > > > > Er... O_ASYNC is silently ignored for regular files as well, so any > > > userland code that tries to rely on fcntl() rejecting it is and always > > > had been badly b0rken. > > > > Of course. Did you mean to imply that the kernel shouldn't bother to > > reject these, or were you merely making an observation? > > I'm wondering why should we start changing that behaviour and what makes > these 4 cases special? I'm not saying we should change behavior for regular files. We should check these because they're already being checked inside the special syscalls that open these files. Without these patches fcntl(F_SETFL) is a way around those checks for these interfaces. Cheers, -Matt Helsley -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists