| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 04 Aug 2020 19:38:59 +0800
From: Ian Kent <raven@...maw.net>
To: Miklos Szeredi <miklos@...redi.hu>,
David Howells <dhowells@...hat.com>
Cc: Linus Torvalds <torvalds@...ux-foundation.org>,
Al Viro <viro@...iv.linux.org.uk>,
Casey Schaufler <casey@...aufler-ca.com>,
Stephen Smalley <sds@...ho.nsa.gov>,
Nicolas Dichtel <nicolas.dichtel@...nd.com>,
Christian Brauner <christian@...uner.io>, andres@...razel.de,
Jeff Layton <jlayton@...hat.com>, dray@...hat.com,
Karel Zak <kzak@...hat.com>, keyrings@...r.kernel.org,
Linux API <linux-api@...r.kernel.org>,
linux-fsdevel@...r.kernel.org,
LSM <linux-security-module@...r.kernel.org>,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH 13/17] watch_queue: Implement mount topology and
attribute change notifications [ver #5]
On Mon, 2020-08-03 at 11:29 +0200, Miklos Szeredi wrote:
> On Thu, Jul 23, 2020 at 12:48 PM David Howells <dhowells@...hat.com>
> wrote:
>
> > > > __u32 topology_changes;
> > > > __u32 attr_changes;
> > > > __u32 aux_topology_changes;
> > >
> > > Being 32bit this introduces wraparound effects. Is that really
> > > worth it?
> >
> > You'd have to make 2 billion changes without whoever's monitoring
> > getting a
> > chance to update their counters. But maybe it's not worth it
> > putting them
> > here. If you'd prefer, I can make the counters all 64-bit and just
> > retrieve
> > them with fsinfo().
>
> Yes, I think that would be preferable.
I think this is the source of the recommendation for removing the
change counters from the notification message, correct?
While it looks like I may not need those counters for systemd message
buffer overflow handling myself I think removing them from the
notification message isn't a sensible thing to do.
If you need to detect missing messages, perhaps due to message buffer
overflow, then you need change counters that are relevant to the
notification message itself. That's so the next time you get a message
for that object you can be sure that change counter comparisons you
you make relate to object notifications you have processed.
Yes, I know it isn't quite that simple, but tallying up what you have
processed in the current batch of messages (or in multiple batches of
messages if more than one read has been possible) to perform the check
is a user space responsibility. And it simply can't be done if the
counters consistency is in question which it would be if you need to
perform another system call to get it.
It's way more useful to have these in the notification than obtainable
via fsinfo() IMHO.
>
> > > > n->watch.info & NOTIFY_MOUNT_IS_RECURSIVE if true
> > > > indicates that
> > > > the notifcation was generated by an event (eg. SETATTR)
> > > > that was
> > > > applied recursively. The notification is only
> > > > generated for the
> > > > object that initially triggered it.
> > >
> > > Unused in this patchset. Please don't add things to the API
> > > which are not
> > > used.
> >
> > Christian Brauner has patches for mount_setattr() that will need to
> > use this.
>
> Fine, then that patch can add the flag.
>
> Thanks,
> Miklos
Powered by blists - more mailing lists