| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAJZ5v0iamJrZ5FtX8PuiAhH9yLdGapmYq40HBHtQ7QGRUEPooA@mail.gmail.com> Date: Tue, 3 Nov 2015 22:33:21 +0100 From: "Rafael J. Wysocki" <rafael@...nel.org> To: Jan Kara <jack@...e.cz> Cc: Dave Chinner <david@...morbit.com>, "Rafael J. Wysocki" <rjw@...ysocki.net>, Jiri Kosina <jikos@...nel.org>, Alan Stern <stern@...land.harvard.edu>, Pavel Machek <pavel@....cz>, "Rafael J. Wysocki" <rafael.j.wysocki@...el.com>, Christoph Hellwig <hch@....de>, Linus Torvalds <torvalds@...ux-foundation.org>, Al Viro <viro@...iv.linux.org.uk>, Tejun Heo <tj@...nel.org>, Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, linux-fsdevel@...r.kernel.org, "linux-pm@...r.kernel.org" <linux-pm@...r.kernel.org> Subject: Re: [PATCH 0/3] PM, vfs: use filesystem freezing instead of kthread freezer Hi, On Tue, Nov 3, 2015 at 10:31 AM, Jan Kara <jack@...e.cz> wrote: > On Tue 03-11-15 11:10:53, Dave Chinner wrote: >> On Mon, Nov 02, 2015 at 03:43:07AM +0100, Rafael J. Wysocki wrote: >> > I guess it may also helps to address the case when a device is removed from a >> > suspended system, written to on another system in the meantime and inserted >> > back into the (still suspended) original system which then is resumed. Today >> > this is an almost guaranteed data corruption scenario, but if the filesystem in >> > question is properly frozen during suspend, the driver should be able to detect >> > superblock changes during unfreeze. >> >> Never going to work. There is no guarantee that a write to a >> filesystem by a third party device is going to change the superblock >> (or any metadata in the rest of the filesystem) in any detectable >> way. Hence freezing filesystems will not prevent Bad Things >> Happening if you do this while your system is suspended. > > Agreed, we should never advertise something like this works. OTOH the truth > is that e.g. in ext4 case a simple check in ext4_unfreeze() could catch 90% > of cases where user shot himself in the foot like this (i.e., ext4 driver > will update write time in superblock if it gets mounted somewhere else and > we can check whether that didn't change in ext4_unfreeze()) and refuse to > touch the filesystem... It is not 100% reliable since user could have used > e.g. debuge2fs to arbitrarily modify the filesystem but in such cases they > have to know what they are doing anyway. Well, my idea was to use this for sanity checking. I guess that sanity checks here don't really hurt, do they? And if they fail, perhaps we can just avoid touching the fs again for safety reasons? Thanks, Rafael -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists