lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <87sjbnce4k.fsf@tucsk.pomaz.szeredi.hu>
Date:	Thu, 16 Aug 2012 12:42:03 +0200
From:	Miklos Szeredi <miklos@...redi.hu>
To:	sedat.dilek@...il.com
Cc:	viro@...iv.linux.org.uk, linux-fsdevel@...r.kernel.org,
	linux-kernel@...r.kernel.org, hch@...radead.org,
	torvalds@...ux-foundation.org, akpm@...ux-foundation.org,
	apw@...onical.com, nbd@...nwrt.org, neilb@...e.de,
	jordipujolp@...il.com, ezk@....cs.sunysb.edu, ricwheeler@...il.com,
	dhowells@...hat.com, hpj@...la.net, sedat.dilek@...glemail.com,
	penberg@...nel.org, goran.cetusic@...il.com, romain@...bokech.com
Subject: Re: [PATCH 08/13] fs: limit filesystem stacking depth

Sedat Dilek <sedat.dilek@...il.com> writes:

> On Wed, Aug 15, 2012 at 5:48 PM, Miklos Szeredi <miklos@...redi.hu> wrote:
>> From: Miklos Szeredi <mszeredi@...e.cz>
>>
>> Add a simple read-only counter to super_block that indicates deep this
>> is in the stack of filesystems.  Previously ecryptfs was the only
>> stackable filesystem and it explicitly disallowed multiple layers of
>> itself.
>>
>> Overlayfs, however, can be stacked recursively and also may be stacked
>> on top of ecryptfs or vice versa.
>>
>> To limit the kernel stack usage we must limit the depth of the
>> filesystem stack.  Initially the limit is set to 2.
>>
>
> Hi,
>
> I have tested OverlayFS for a long time with "fs-stack-depth=3".
> The original OverlayFS test-case script  from Jordi was slightly
> modified (see "testcase-ovl-v3.sh").
> I have sent my test-results to Andy and Jordi (tested with the
> patchset from Andy against Linux-v3.4 [1] with Ext4-FS).
> The attached test-case script *requires* "fs-stack-depth=3" to run
> properly (patch attached).
>
> So, I have 2 questions:
>
> [1] FS-stack-limitation
>
> Is a "fs-stack-depth>=2" (like "3") critical?
> Is your setting to "2" just a defensive (and initial) one?
> Can you explain your choice a bit more as ecryptFS is involved in this
> limitation, too.

If directly stacking filesystems like this on top of each other
(ecryptfs is currently the only filesystem that does this in mainline)
then the call chain can get too long and the kernel stack overflow.

Yes, setting it to 2 is defensive, it would need more stack depth
analysis to see what an acceptable number would be.


> [2] Test-Case/Use-Case scripts
>
> It would be *very very very* helpful if you could provide or even ship
> in the Linux-kernel a test-case/use-case script, Thanks!

Sure, I could add Andy's test script under the tools/ directory.  But I
don't understand why exactly it needs the stacking depth to be
increased.

Thanks,
Miklos
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ