lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Date:	Thu, 19 May 2016 10:05:43 +0200
From:	Miklos Szeredi <>
To:	Jens Axboe <>
Cc:	Abhijith Das <>,
	Linux-Fsdevel <>,,
	Kernel Mailing List <>,
	Linus Torvalds <>
Subject: why does page_cache_pipe_buf_confirm() need to check page->mapping?

Hi Jens,

I haven't done a great deal of research into this, but checking
page->mapping in page_cache_pipe_buf_confirm() might be bogus.

If the page is truncated *after* being spliced into the pipe, why on
earth does the buffer become invalid?

This looks to be a problem for filesystems that invalidate pages
(because the the data is possibly stale) and the pipe read returns
-ENODATA even though the data is there, it's just possibly different
from what was spliced into the pipe.  But I don't think that's a
reason for throwing away that buffer and definitely not a reason to
return an error.


Powered by blists - more mailing lists