lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <4169b326-a8ff-5fc4-0e5e-393569273267@digidescorp.com>
Date:   Mon, 19 Aug 2019 07:10:24 -0500
From:   Steve Magnani <steve.magnani@...idescorp.com>
To:     Jan Kara <jack@...e.cz>
Cc:     Jan Kara <jack@...e.com>,
        "Steven J . Magnani" <steve@...idescorp.com>,
        linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] udf: reduce leakage of blocks related to named streams

Jan -


On 8/15/19 7:42 AM, Jan Kara wrote:
> On Wed 14-08-19 07:50:02,  Steven J. Magnani  wrote:
>> Windows is capable of creating UDF files having named streams.
>> One example is the "Zone.Identifier" stream attached automatically
>> to files downloaded from a network. See:
>>    https://msdn.microsoft.com/en-us/library/dn392609.aspx
>>
>> Modification of a file having one or more named streams in Linux causes
>> the stream directory to become detached from the file, essentially leaking
>> all blocks pertaining to the file's streams.
>>
>> Fix by saving off information about an inode's streams when reading it,
>> for later use when its on-disk data is updated.
>> <snip>
>>   	} else {
>>   		inode->i_blocks = le64_to_cpu(efe->logicalBlocksRecorded) <<
>>   		    (inode->i_sb->s_blocksize_bits - 9);
>> @@ -1498,6 +1502,16 @@ reread:
>>   		iinfo->i_lenEAttr = le32_to_cpu(efe->lengthExtendedAttr);
>>   		iinfo->i_lenAlloc = le32_to_cpu(efe->lengthAllocDescs);
>>   		iinfo->i_checkpoint = le32_to_cpu(efe->checkpoint);
>> +
>> +		/* Named streams */
>> +		iinfo->i_streamdir = (efe->streamDirectoryICB.extLength != 0);
>> +		iinfo->i_locStreamdir =
>> +			lelb_to_cpu(efe->streamDirectoryICB.extLocation);
>> +		iinfo->i_lenStreams = le64_to_cpu(efe->objectSize);
>> +		if (iinfo->i_lenStreams >= inode->i_size)
>> +			iinfo->i_lenStreams -= inode->i_size;
>> +		else
>> +			iinfo->i_lenStreams = 0;
> Hum, maybe you could just have i_objectSize instead of i_lenStreams? You
> use the field just to preserve objectSize anyway so there's no point in
> complicating it.
>

I started making this change and found that it actually complicates things more,
by forcing the driver to update i_objectSize everywhere that i_size is changed.
Are you sure this is what you want?

------------------------------------------------------------------------
  Steven J. Magnani               "I claim this network for MARS!
  www.digidescorp.com              Earthling, return my space modulator!"

  #include <standard.disclaimer>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ