| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 16 Aug 2012 12:42:03 +0200 From: Miklos Szeredi <miklos@...redi.hu> To: sedat.dilek@...il.com Cc: viro@...iv.linux.org.uk, linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org, hch@...radead.org, torvalds@...ux-foundation.org, akpm@...ux-foundation.org, apw@...onical.com, nbd@...nwrt.org, neilb@...e.de, jordipujolp@...il.com, ezk@....cs.sunysb.edu, ricwheeler@...il.com, dhowells@...hat.com, hpj@...la.net, sedat.dilek@...glemail.com, penberg@...nel.org, goran.cetusic@...il.com, romain@...bokech.com Subject: Re: [PATCH 08/13] fs: limit filesystem stacking depth Sedat Dilek <sedat.dilek@...il.com> writes: > On Wed, Aug 15, 2012 at 5:48 PM, Miklos Szeredi <miklos@...redi.hu> wrote: >> From: Miklos Szeredi <mszeredi@...e.cz> >> >> Add a simple read-only counter to super_block that indicates deep this >> is in the stack of filesystems. Previously ecryptfs was the only >> stackable filesystem and it explicitly disallowed multiple layers of >> itself. >> >> Overlayfs, however, can be stacked recursively and also may be stacked >> on top of ecryptfs or vice versa. >> >> To limit the kernel stack usage we must limit the depth of the >> filesystem stack. Initially the limit is set to 2. >> > > Hi, > > I have tested OverlayFS for a long time with "fs-stack-depth=3". > The original OverlayFS test-case script from Jordi was slightly > modified (see "testcase-ovl-v3.sh"). > I have sent my test-results to Andy and Jordi (tested with the > patchset from Andy against Linux-v3.4 [1] with Ext4-FS). > The attached test-case script *requires* "fs-stack-depth=3" to run > properly (patch attached). > > So, I have 2 questions: > > [1] FS-stack-limitation > > Is a "fs-stack-depth>=2" (like "3") critical? > Is your setting to "2" just a defensive (and initial) one? > Can you explain your choice a bit more as ecryptFS is involved in this > limitation, too. If directly stacking filesystems like this on top of each other (ecryptfs is currently the only filesystem that does this in mainline) then the call chain can get too long and the kernel stack overflow. Yes, setting it to 2 is defensive, it would need more stack depth analysis to see what an acceptable number would be. > [2] Test-Case/Use-Case scripts > > It would be *very very very* helpful if you could provide or even ship > in the Linux-kernel a test-case/use-case script, Thanks! Sure, I could add Andy's test script under the tools/ directory. But I don't understand why exactly it needs the stacking depth to be increased. Thanks, Miklos -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists