lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1325804994.2062.63.camel@falcor.watson.ibm.com>
Date:	Thu, 05 Jan 2012 18:09:53 -0500
From:	Mimi Zohar <zohar@...ux.vnet.ibm.com>
To:	Andrew Morton <akpm@...ux-foundation.org>
Cc:	James Bottomley <James.Bottomley@...senPartnership.com>,
	Greg KH <greg@...ah.com>,
	Dmitry Kasatkin <dmitry.kasatkin@...el.com>,
	linux-fsdevel@...r.kernel.org,
	linux-security-module@...r.kernel.org, viro@...iv.linux.org.uk,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH v3 1/1] vfs: iversion truncate bug fix

On Thu, 2012-01-05 at 14:30 -0800, Andrew Morton wrote:
> On Thu, 05 Jan 2012 10:39:41 -0800
> James Bottomley <James.Bottomley@...senPartnership.com> wrote:
> 
> > > > Please, go read Documentation/stable_kernel_rules.txt for how to
> > > > properly submit patches to the stable kernel tree.  The information here
> > > > needs to be in the patch changelog itself, not in some random email
> > > > thread that will get lost instantly into my email-archive-from-hell
> > > > after I am done reading this.
> > > > 
> > > > greg k-h
> > > 
> > > Yes, I've read Documentation/stable_kernel_rules.txt and think this
> > > patch meets the criteria for being backported.
> > > 
> > > As far as I'm aware, this patch hasn't been upstreamed yet and is
> > > waiting for someone, besides myself, to Ack it.  Once Acked, either
> > > Dmitry or I can send a pull request with an updated patch description.
> > > Should this patch go in via the security tree?
> > 
> > If it hasn't been upstreamed yet, just make sure you put
> > 
> > cc: stable@...nel.org
> > 
> > In the signoffs of the patch you're sending upstream and the backport
> > will occur automatically when the patch is finally upstreamed.
> 
> Mimi didn't write or send the patch.

Thanks for explaining it to everyone and upstreaming the patch. 

Mimi

> This happily git-free maintainer simply goes in and edits the
> changelog.  I do this very very frequently.
> 
> Here's what I currently have.  I plan to send this to Rip Van Viro.
> 
> 
> 
> 
> From: Dmitry Kasatkin <dmitry.kasatkin@...el.com>
> Subject: vfs: increment iversion when a file is truncated
> 
> When a file is truncated with truncate()/ftruncate() and then closed,
> iversion is not updated.  This patch uses ATTR_SIZE flag as an indication
> to increment iversion.
> 
> Mimi said:
> 
> On fput(), i_version is used to detect and flag files that have changed
> and need to be re-measured in the IMA measurement policy.  When a file
> is truncated with truncate()/ftruncate() and then closed, i_version is
> not updated.  As a result, although the file has changed, it will not be
> re-measured and added to the IMA measurement list on subsequent access.
> 
> Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@...el.com>
> Acked-by: Mimi Zohar <zohar@...ibm.com>
> Cc: Al Viro <viro@...iv.linux.org.uk>
> Cc: <stable@...r.kernel.org>
> Signed-off-by: Andrew Morton <akpm@...ux-foundation.org>
> ---
> 
>  fs/attr.c |    5 +++++
>  1 file changed, 5 insertions(+)
> 
> diff -puN fs/attr.c~vfs-increment-iversion-when-a-file-is-truncated fs/attr.c
> --- a/fs/attr.c~vfs-increment-iversion-when-a-file-is-truncated
> +++ a/fs/attr.c
> @@ -176,6 +176,11 @@ int notify_change(struct dentry * dentry
>  			return -EPERM;
>  	}
> 
> +	if ((ia_valid & ATTR_SIZE) && IS_I_VERSION(inode)) {
> +		if (attr->ia_size != inode->i_size)
> +			inode_inc_iversion(inode);
> +	}
> +
>  	if ((ia_valid & ATTR_MODE)) {
>  		umode_t amode = attr->ia_mode;
>  		/* Flag setting protected by i_mutex */
> _
> 


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ