lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Mon, 26 Aug 2019 11:14:21 +0200
From:   Jan Kara <jack@...e.cz>
To:     Steve Magnani <steve.magnani@...idescorp.com>
Cc:     Jan Kara <jack@...e.cz>, Jan Kara <jack@...e.com>,
        "Steven J . Magnani" <steve@...idescorp.com>,
        linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] udf: reduce leakage of blocks related to named streams

On Mon 19-08-19 07:10:24, Steve Magnani wrote:
> Jan -
> 
> 
> On 8/15/19 7:42 AM, Jan Kara wrote:
> > On Wed 14-08-19 07:50:02,  Steven J. Magnani  wrote:
> > > Windows is capable of creating UDF files having named streams.
> > > One example is the "Zone.Identifier" stream attached automatically
> > > to files downloaded from a network. See:
> > >    https://msdn.microsoft.com/en-us/library/dn392609.aspx
> > > 
> > > Modification of a file having one or more named streams in Linux causes
> > > the stream directory to become detached from the file, essentially leaking
> > > all blocks pertaining to the file's streams.
> > > 
> > > Fix by saving off information about an inode's streams when reading it,
> > > for later use when its on-disk data is updated.
> > > <snip>
> > >   	} else {
> > >   		inode->i_blocks = le64_to_cpu(efe->logicalBlocksRecorded) <<
> > >   		    (inode->i_sb->s_blocksize_bits - 9);
> > > @@ -1498,6 +1502,16 @@ reread:
> > >   		iinfo->i_lenEAttr = le32_to_cpu(efe->lengthExtendedAttr);
> > >   		iinfo->i_lenAlloc = le32_to_cpu(efe->lengthAllocDescs);
> > >   		iinfo->i_checkpoint = le32_to_cpu(efe->checkpoint);
> > > +
> > > +		/* Named streams */
> > > +		iinfo->i_streamdir = (efe->streamDirectoryICB.extLength != 0);
> > > +		iinfo->i_locStreamdir =
> > > +			lelb_to_cpu(efe->streamDirectoryICB.extLocation);
> > > +		iinfo->i_lenStreams = le64_to_cpu(efe->objectSize);
> > > +		if (iinfo->i_lenStreams >= inode->i_size)
> > > +			iinfo->i_lenStreams -= inode->i_size;
> > > +		else
> > > +			iinfo->i_lenStreams = 0;
> > Hum, maybe you could just have i_objectSize instead of i_lenStreams? You
> > use the field just to preserve objectSize anyway so there's no point in
> > complicating it.
> > 
> 
> I started making this change and found that it actually complicates things more,
> by forcing the driver to update i_objectSize everywhere that i_size is changed.
> Are you sure this is what you want?

Aha, that's a good point! No, in that case what you did was better. I'll
just take your v2 patch then, I can make the other minor adjustments I was
suggesting when applying the patch. Thanks for looking into this!

								Honza

-- 
Jan Kara <jack@...e.com>
SUSE Labs, CR

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ