lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAOQ4uxjX2v6nERGCPubz4NBV+4we01+=Yx-H4kMKQ78FLPv48Q@mail.gmail.com> Date: Mon, 15 Feb 2021 07:56:47 +0200 From: Amir Goldstein <amir73il@...il.com> To: Nicolas Boichat <drinkcat@...omium.org> Cc: Ian Lance Taylor <iant@...ang.org>, Dave Chinner <david@...morbit.com>, "Darrick J. Wong" <djwong@...nel.org>, Greg KH <gregkh@...uxfoundation.org>, Alexander Viro <viro@...iv.linux.org.uk>, Luis Lozano <llozano@...omium.org>, linux-fsdevel <linux-fsdevel@...r.kernel.org>, lkml <linux-kernel@...r.kernel.org> Subject: Re: [PATCH 1/6] fs: Add flag to file_system_type to indicate content is generated On Mon, Feb 15, 2021 at 3:27 AM Nicolas Boichat <drinkcat@...omium.org> wrote: > > On Mon, Feb 15, 2021 at 9:12 AM Ian Lance Taylor <iant@...ang.org> wrote: > > > > On Sun, Feb 14, 2021 at 4:38 PM Dave Chinner <david@...morbit.com> wrote: > > > > > > On Fri, Feb 12, 2021 at 03:54:48PM -0800, Darrick J. Wong wrote: > > > > On Sat, Feb 13, 2021 at 10:27:26AM +1100, Dave Chinner wrote: > > > > > > > > > If you can't tell from userspace that a file has data in it other > > > > > than by calling read() on it, then you can't use cfr on it. > > > > > > > > I don't know how to do that, Dave. :) > > > > > > If stat returns a non-zero size, then userspace knows it has at > > > least that much data in it, whether it be zeros or previously > > > written data. cfr will copy that data. The special zero length > > > regular pipe files fail this simple "how much data is there to copy > > > in this file" check... > > > > This suggests that if the Go standard library sees that > > copy_file_range reads zero bytes, we should assume that it failed, and > > should use the fallback path as though copy_file_range returned > > EOPNOTSUPP or EINVAL. This will cause an extra system call for an > > empty file, but as long as copy_file_range does not return an error > > for cases that it does not support we are going to need an extra > > system call anyhow. > > > > Does that seem like a possible mitigation? That is, are there cases > > where copy_file_range will fail to do a correct copy, and will return > > success, and will not return zero? > > I'm a bit worried about the sysfs files that report a 4096 bytes file > size, for 2 reasons: > - I'm not sure if the content _can_ actually be longer (I couldn't > find a counterexample) > - If you're unlucky enough to have a partial write in the output > filesystem, you'll get a non-zero return value and probably corrupted > content. > First of all, I am in favor of fixing the regression in the kernel caused by the change of behavior in v5.3. Having said that, I don't think it is a good idea to use ANY tool to copy a zero size pseudo file. rsync doesn't copy any data either if you try to use it to copy tracing into a temp file. I think it is perfectly sane for any tool to check file size before trying to read/copy. w.r.t. short write/short read, did you consider using the off_in/off_out arguments? I *think* current kernel CFR should be safe to use as long as the tool: 1. Checks file size before copy 2. Does not try to copy a range beyond EOF 3. Pass off_in/off_out args and verify that off_in/off_out advances as expected Thanks, Amir.
Powered by blists - more mailing lists