| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 26 Nov 2017 09:32:02 +1100
From: Dave Chinner <david@...morbit.com>
To: Andreas Dilger <adilger@...ger.ca>
Cc: Andi Kleen <andi@...stfloor.org>, Theodore Ts'o <tytso@....edu>,
Tahsin Erdogan <tahsin@...gle.com>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
linux-fsdevel <linux-fsdevel@...r.kernel.org>,
linux-ext4 <linux-ext4@...r.kernel.org>
Subject: Re: regression: 4.13 cannot follow symlinks on some ext3 fs
On Fri, Nov 24, 2017 at 03:03:37PM -0700, Andreas Dilger wrote:
> On Nov 24, 2017, at 9:51 AM, Andi Kleen <andi@...stfloor.org> wrote:
> >
> >> We checked old kernels, and old e2fsprogs, and didn't see any cases
> >> where fast (<= 60 chars) symlinks were created using external blocks.
> >> It seems that _something_ did create them, and it would be good to
> >> figure that out so we can determine if it is a widespread problem
> >
> > I assume it was the original kernel.
> >
> >>
> >> I think e2fsck can fix this quite easily, and there really isn't
> >> an easy way to revert to the old method if the large xattr feature
> >> is enabled. If you are willing to run a new kernel, you should also
> >> be willing to run a new e2fsck.
> >
> > It's obviously not enabled on ext3.
> >
> >> We could probably add a fallback to the old mechanism (and print
> >> a one-time warning to upgrade to a newer e2fsck) if an external fast
> >> symlink is found and the large xattr feature is not enabled, which
> >> would give more time to fix this (hopefully rare in the wild) case.
> >
> > If the old kernel created it, then likely all the
> > /lib{,64}/ld-linux.so.2 symlinks have that, which breaks all ELF
> > executables. I suspect in these old file systems it's not particularly rare.
>
> Sure, but not many people are going to be running a 4.14 kernel with
> a 2007 system.
I have multiple test VMs with root ext3 filesystems that date back
that far. Looks like the original install the root fs image was
derived from came from around 2006:
$ ls -lt /etc |tail -1
-rw-r--r-- 1 root root 9 Aug 8 2006 host.conf
$ ls -lt /usr/bin |tail -2
-rwxr-xr-x 1 root root 2038 Jun 18 2006 defoma-hints
-rwxr-xr-x 1 root root 1761 Jun 18 2006 dh_installdefoma
$ uname -a
Linux test4 4.14.0-dgc #211 SMP PREEMPT Thu Nov 23 16:49:31 AEDT 2017 x86_64 GNU/Linux
$
These VMs are in use 24x7, and have been since they were created way
back when. When something in ext3 breaks, I tend to notice it and
report it.
They don't have any whacky symlinks around, but the modern ext4 code
does try to eat these filesystems every so often. Extended operation
at ENOSPC will eventually corrupt the rootfs and crash the kernel,
and then I play the "e2fsck doesn't detect corruption, kernel does"
game to get them fixed up and working again....
> > Requiring new e2fsck on old systems is a bad idea.
>
> Any worse an idea than running a new kernel on an old system?
> Newer e2fsck fixes a lot of bugs that are present in older
> e2fsck as well...
I'm running with everything up to date (debian unstable) on these
VMs, they are just an old filesystem because some distros have had
reliable rolling updates for the entire life of these VMs. :P
Cheers,
Dave.
--
Dave Chinner
david@...morbit.com
Powered by blists - more mailing lists