| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 26 Feb 2013 14:35:14 -0800 From: Andy Lutomirski <luto@...capital.net> To: Jörn Engel <joern@...fs.org> Cc: Zach Brown <zab@...hat.com>, "Myklebust, Trond" <Trond.Myklebust@...app.com>, Paolo Bonzini <pbonzini@...hat.com>, Ric Wheeler <rwheeler@...hat.com>, Linux FS Devel <linux-fsdevel@...r.kernel.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, "Chris L. Mason" <clmason@...ionio.com>, Christoph Hellwig <hch@...radead.org>, Alexander Viro <aviro@...hat.com>, "Martin K. Petersen" <mkp@....net>, Hannes Reinecke <hare@...e.de>, Joel Becker <jlbec@...lplan.org> Subject: Re: New copyfile system call - discuss before LSF? On Tue, Feb 26, 2013 at 1:02 PM, Jörn Engel <joern@...fs.org> wrote: > On Mon, 25 February 2013 13:14:52 -0800, Andy Lutomirski wrote: >> >> I thought the first thing people would ask for is to atomically create a >> new file and copy the old file into it (at least on local file systems). >> The idea is that nothing should see an empty destination file, either >> by race or by crash. (This feature would perhaps be described as a >> pony, but it should be implementable.) > > Having already wasted many week trying to implement your pony, I would > consider it about as possible as winning the lottery three times in a > row. It clearly is in theory and yet,... > > If you take a filesystem like ext[34] you are out of luck. In those > filesystems it may not even be theoretically possible to get the > cleanup right for pathological cases. And if you ignore pathological > cases and depend on userspace to do the cleanup for you, you have to > do ABI extentions that I don't want to mention with Al on Cc:. My > personal notebook ran such a kernel for several years until hardware > improved to a point that I no longer wanted to forward-port the > patches. It worked but it was far from pretty. > > If you have a filesystem where you can simply bumb a reference count > to copy the file content, implementation is fairly straightforward. > But having a system call that is effectively limited to btrfs means > pretty much noone will use it - beside the people looking for > potential kernel exploits. :) > > So my vote clearly goes to some variant of sendfile or splice. Don't get me wrong -- the vpsendfile (or whatever it's called) idea sounds extremely useful too. --Andy -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists