lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Mon, 18 Feb 2019 23:23:14 -0800 (PST)
From:   Hugh Dickins <hughd@...gle.com>
To:     Al Viro <viro@...iv.linux.org.uk>
cc:     Hugh Dickins <hughd@...gle.com>,
        Andrew Morton <akpm@...ux-foundation.org>,
        "Darrick J. Wong" <darrick.wong@...cle.com>,
        Matej Kupljen <matej.kupljen@...il.com>,
        linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org,
        linux-mm@...ck.org
Subject: Re: [PATCH] tmpfs: fix link accounting when a tmpfile is linked in

On Tue, 19 Feb 2019, Al Viro wrote:
> On Mon, Feb 18, 2019 at 09:37:52PM -0800, Hugh Dickins wrote:
> > From: "Darrick J. Wong" <darrick.wong@...cle.com>
> > 
> > tmpfs has a peculiarity of accounting hard links as if they were separate
> > inodes: so that when the number of inodes is limited, as it is by default,
> > a user cannot soak up an unlimited amount of unreclaimable dcache memory
> > just by repeatedly linking a file.
> > 
> > But when v3.11 added O_TMPFILE, and the ability to use linkat() on the fd,
> > we missed accommodating this new case in tmpfs: "df -i" shows that an
> > extra "inode" remains accounted after the file is unlinked and the fd
> > closed and the actual inode evicted.  If a user repeatedly links tmpfiles
> > into a tmpfs, the limit will be hit (ENOSPC) even after they are deleted.
> > 
> > Just skip the extra reservation from shmem_link() in this case: there's
> > a sense in which this first link of a tmpfile is then cheaper than a
> > hard link of another file, but the accounting works out, and there's
> > still good limiting, so no need to do anything more complicated.
> > 
> > Fixes: f4e0c30c191 ("allow the temp files created by open() to be linked to")
> > Reported-by: Matej Kupljen <matej.kupljen@...il.com>
> > Signed-off-by: Darrick J. Wong <darrick.wong@...cle.com>
> > Signed-off-by: Hugh Dickins <hughd@...gle.com>
> 
> FWIW, Acked-by: Al Viro <viro@...iv.linux.org.uk>

It's Worth A Lot, thanks Al. And I apologize for the cheeky "Fixes"
line, when a fair view would blame me for earlier adding the
weirdness fixed.

> 
> Or I can drop it into vfs.git - up to you.

Andrew usually gathers the mm/shmem.c mods (unless it's you doing an
fs-wide sweep), so I was pointing it towards him; and I don't think it's
in dire need of a last minute rush to 5.0, though no harm in there either.
I'll say leave it to Andrew - and leave it to him to say the reverse :)

Thanks,
Hugh

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ