lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 23 Jan 2019 10:37:18 +0100 From: Miklos Szeredi <miklos@...redi.hu> To: Kirill Tkhai <ktkhai@...tuozzo.com> Cc: linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH RFC] fuse: Prevent background write requests increase inode size On Tue, Nov 6, 2018 at 3:03 PM Kirill Tkhai <ktkhai@...tuozzo.com> wrote: > > Hi, Miklos, > > this is not a well-tested patch, this is a concept, > showing the places, where it looks we have a problem. > > Commit 7879c4e58b7c made io->async careless about inode size, > and this is wrong. Asyncronuos background requests may be sent > to userspace after inode becomes unlocked, when background > queue is throttled. In this case we execute a write request > extending inode size without any protection, and this ruines > everything. Fix that. > > Also, some write background requests do not increment fi->writectr, > e.g.: > fuse_direct_IO() > fuse_direct_io() > fuse_send_write() > fuse_async_req_send() > fuse_request_send_background() inode_lock should prevent mischief for sync DIO. For AIO DIO the order of operations is not deterministic, so it's fine if truncate and an extending AIO write race, as far as I understand. Thanks, Miklos
Powered by blists - more mailing lists