| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 30 Mar 2017 11:19:53 -0700
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: Christoph Hellwig <hch@....de>
Cc: Alexander Viro <viro@...iv.linux.org.uk>,
Linux API <linux-api@...r.kernel.org>,
linux-fsdevel <linux-fsdevel@...r.kernel.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
libc-alpha <libc-alpha@...rceware.org>
Subject: Re: RFC: reject unknown open flags
On Thu, Mar 30, 2017 at 10:21 AM, Christoph Hellwig <hch@....de> wrote:
>
> Failure atomic file updates, aka O_ATOMIC:
>
> https://lwn.net/Articles/573092/
>
> Currently the way to probe for it is a new ioctl to check if atomicy
> is offered. This should work, but it's rather fragile..
So quite frankly, I'd much rather see that people who really want to
check would instead just
fd = open(... O_ATOMIC);
if (fd < 0)
.. regular error handling ..
/* Did we actually get O_ATOMIC? */
if (!(O_ATOMIC & fnctl(fd, F_GETFL, NULL)))
.. warn about lack of O_ATOMIC ..
because I suspect that you will find users that might *want* atomic
behavior, but in the absence of atomicity guarantees will want to
still be able to do IO.
The above kind of model seems much more straightforward, and has no
backwards/forwards compatibility issues I can see.
I'm assuming you'd also possible want to be able to use F_SETFL to set
O_ATOMIC after the fact (independently of the open - I could see tools
like "dd" growing an atomic flag and setting it on stdout), so the
F_GETFL interface seems natural for that reason too.
Linus
Powered by blists - more mailing lists