| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 5 Jan 2012 14:30:15 -0800
From: Andrew Morton <akpm@...ux-foundation.org>
To: James Bottomley <James.Bottomley@...senPartnership.com>
Cc: Mimi Zohar <zohar@...ux.vnet.ibm.com>, Greg KH <greg@...ah.com>,
Dmitry Kasatkin <dmitry.kasatkin@...el.com>,
linux-fsdevel@...r.kernel.org,
linux-security-module@...r.kernel.org, viro@...iv.linux.org.uk,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH v3 1/1] vfs: iversion truncate bug fix
On Thu, 05 Jan 2012 10:39:41 -0800
James Bottomley <James.Bottomley@...senPartnership.com> wrote:
> > > Please, go read Documentation/stable_kernel_rules.txt for how to
> > > properly submit patches to the stable kernel tree. The information here
> > > needs to be in the patch changelog itself, not in some random email
> > > thread that will get lost instantly into my email-archive-from-hell
> > > after I am done reading this.
> > >
> > > greg k-h
> >
> > Yes, I've read Documentation/stable_kernel_rules.txt and think this
> > patch meets the criteria for being backported.
> >
> > As far as I'm aware, this patch hasn't been upstreamed yet and is
> > waiting for someone, besides myself, to Ack it. Once Acked, either
> > Dmitry or I can send a pull request with an updated patch description.
> > Should this patch go in via the security tree?
>
> If it hasn't been upstreamed yet, just make sure you put
>
> cc: stable@...nel.org
>
> In the signoffs of the patch you're sending upstream and the backport
> will occur automatically when the patch is finally upstreamed.
Mimi didn't write or send the patch.
This happily git-free maintainer simply goes in and edits the
changelog. I do this very very frequently.
Here's what I currently have. I plan to send this to Rip Van Viro.
From: Dmitry Kasatkin <dmitry.kasatkin@...el.com>
Subject: vfs: increment iversion when a file is truncated
When a file is truncated with truncate()/ftruncate() and then closed,
iversion is not updated. This patch uses ATTR_SIZE flag as an indication
to increment iversion.
Mimi said:
On fput(), i_version is used to detect and flag files that have changed
and need to be re-measured in the IMA measurement policy. When a file
is truncated with truncate()/ftruncate() and then closed, i_version is
not updated. As a result, although the file has changed, it will not be
re-measured and added to the IMA measurement list on subsequent access.
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@...el.com>
Acked-by: Mimi Zohar <zohar@...ibm.com>
Cc: Al Viro <viro@...iv.linux.org.uk>
Cc: <stable@...r.kernel.org>
Signed-off-by: Andrew Morton <akpm@...ux-foundation.org>
---
fs/attr.c | 5 +++++
1 file changed, 5 insertions(+)
diff -puN fs/attr.c~vfs-increment-iversion-when-a-file-is-truncated fs/attr.c
--- a/fs/attr.c~vfs-increment-iversion-when-a-file-is-truncated
+++ a/fs/attr.c
@@ -176,6 +176,11 @@ int notify_change(struct dentry * dentry
return -EPERM;
}
+ if ((ia_valid & ATTR_SIZE) && IS_I_VERSION(inode)) {
+ if (attr->ia_size != inode->i_size)
+ inode_inc_iversion(inode);
+ }
+
if ((ia_valid & ATTR_MODE)) {
umode_t amode = attr->ia_mode;
/* Flag setting protected by i_mutex */
_
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists