lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 18 Sep 2023 15:39:39 -0400
From:   Jeff Layton <jlayton@...nel.org>
To:     Linus Torvalds <torvalds@...ux-foundation.org>,
        Christian Brauner <brauner@...nel.org>, Jan Kara <jack@...e.cz>
Cc:     linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [GIT PULL] timestamp fixes

On Mon, 2023-09-18 at 11:24 -0700, Linus Torvalds wrote:
> On Mon, 18 Sept 2023 at 04:54, Christian Brauner <brauner@...nel.org> wrote:
> > 
> > * Only update the atime if "now" is later than the current value. This
> >   can happen when the atime gets updated with a fine-grained timestamp
> >   and then later gets updated using a coarse-grained timestamp.
> 
> I pulled this, and then I unpulled it again.
> 
> I think this is fundamentally wrong.
> 
> If somebody has set the time into the future (for whatever reason -
> maybe the clocks were wrong at some point), afaik accessing a file
> should reset it, and very much used to do that.
> 
> Am I missing something? Because this really seems *horribly* broken garbage.
> 
> Any "go from fine-grained back to coarse-grained" situation needs to
> explicitly test *that* case.
> 
> Not some kind of completely broken "don't update to past value" like this.
> 

Fair point.  Now that I've considered it some more, I think that commit
7df48e7d99a4 (fs: don't update the atime if existing atime is newer than
"now") is not necessary.

What prompted this was a bug report from the kernel test robot that
showed the atime going backward on a STRICTATIME LTP test, but I think
the root cause of that was the missing ctime initialization after
allocation that we fixed in 0a22d3ff61b7 (fs: initialize
inode->__i_ctime to the epoch).

In general, we always update the atime with a coarse-grained timestamp,
since atime and ctime updates are never done together during normal read
and write operations. As you note, things are a little more murky with
utimes() updates but I think we should be safe to overwrite the atime
with a coarse-grained timestamp unconditionally.

We should be able to just drop that patch from the series. Whether you
want to pull the rest now or wait for a bit, I'll leave up to you and
Christian to decide.

Thanks,
-- 
Jeff Layton <jlayton@...nel.org>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ