| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 11 Nov 2010 10:36:48 +1100 From: Dave Chinner <david@...morbit.com> To: Theodore Tso <tytso@....EDU> Cc: Linus Torvalds <torvalds@...ux-foundation.org>, Jens Axboe <axboe@...nel.dk>, dave b <db.pub.mail@...il.com>, Sanjoy Mahajan <sanjoy@...n.edu>, Jesper Juhl <jj@...osbits.net>, Chris Mason <chris.mason@...cle.com>, Ingo Molnar <mingo@...e.hu>, Pekka Enberg <penberg@...nel.org>, Aidar Kultayev <the.aidar@...il.com>, linux-kernel@...r.kernel.org, linux-mm@...ck.org, Andrew Morton <akpm@...ux-foundation.org>, Peter Zijlstra <a.p.zijlstra@...llo.nl>, Nick Piggin <npiggin@...e.de>, Arjan van de Ven <arjan@...radead.org>, Thomas Gleixner <tglx@...utronix.de>, Corrado Zoccolo <czoccolo@...il.com>, Shaohua Li <shaohua.li@...el.com>, Steven Barrett <damentz@...il.com> Subject: Re: 2.6.36 io bring the system to its knees On Wed, Nov 10, 2010 at 09:33:29AM -0500, Theodore Tso wrote: > > On Nov 9, 2010, at 8:32 PM, Dave Chinner wrote: > > > Don't forget to mention data=writeback is not the default because if > > your system crashes or you lose power running in this mode it will > > *CORRUPT YOUR FILESYSTEM* and you *WILL LOSE DATA*. Not to mention > > the significant security issues (e.g stale data exposure) that also > > occur even if the filesystem is not corrupted by the crash. IOWs, > > data=writeback is the "fast but I'll eat your data" option for ext3. > > This is strictly speaking not true. Using data=writeback will not > cause you to lose any data --- at least, not any more than you > would without the feature. If you have applications that write > files in an unsafe way, that data is going to be lost, one way or > another. (i.e., with XFS in a similar situation you'll get a > zero-length file) The difference is that in the case of a system > crash, there may be unwritten data revealed if you use > data=writeback. This could be a security exposure, especially if > you are using your system in as time-sharing system, and where you > see the contents of deleted files belonging to another user. In theory, that's all that is _supposed_ to happen. However, my recent experience is that massive ext3 filesystem corruption occurs in data=writeback mode when the system crashes and that does not happen in ordered mode. Why do you think i posted the patches to change the default back to ordered mode a few months back? I basically trashed the root ext3 partitions on three test machines (to the point where >5000 files across /sbin, /bin, /lib and /usr were corrupted or missing and I had to reinstall from scratch) when I'd forgotten to set the ordered-is-defult config option in the kernel i was testing. And that is when the only thing being written to the root filesystems was log files... The worst part about this was that I also had ext3 filesystems corrupted by crashes in such a way that e2fsck didn't detect it but they would repeatedly trigger kernel crashes at runtime.... > So it is not an "eat your data" situation, My experience says otherwise.... Cheers, Dave. -- Dave Chinner david@...morbit.com -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists