lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <CAJfpegtXhpEBOxzS=HRirZ-har6jc0TX+Fp0VkjebGqtOr3ooA@mail.gmail.com>
Date:	Mon, 7 Mar 2016 11:06:14 +0100
From:	Miklos Szeredi <miklos@...redi.hu>
To:	David Howells <dhowells@...hat.com>
Cc:	Al Viro <viro@...iv.linux.org.uk>,
	Kernel Mailing List <linux-kernel@...r.kernel.org>,
	Linux-Fsdevel <linux-fsdevel@...r.kernel.org>,
	"linux-unionfs@...r.kernel.org" <linux-unionfs@...r.kernel.org>
Subject: Re: [PATCH] overlayfs: Warn on copy up if a process has a R/O fd open
 to the lower file

On Tue, Jul 7, 2015 at 4:04 PM, David Howells <dhowells@...hat.com> wrote:
>
> Print a warning when overlayfs copies up a file if the process that triggered
> the copy up has a R/O fd open to the lower file being copied up.
>
> This can help catch applications that do things like the following:
>
>         fd1 = open("foo", O_RDONLY);
>         fd2 = open("foo", O_RDWR);
>
> where they expect fd1 and fd2 to refer to the same file - which will no longer
> be the case post-copy up.
>
> With this patch, the following commands:
>
>         bash 5</mnt/a/foo128
>         6<>/mnt/a/foo128
>
> assuming /mnt/a/foo128 to be an un-copied up file on an overlay will produce
> the following warning in the kernel log:
>
>         overlayfs: Copying up foo129, but open R/O on fd 5 which will cease to
>         be coherent [pid=3818 bash]
>
> This is enabled by setting:
>
>         /sys/module/overlay/parameters/check_copy_up
>
> to 1.
>
> The warnings are ratelimited and are also limited to one warning per file -
> assuming the copy up completes in each case.
>

Queued.

Thanks,
Miklos

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ