| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAHk-=wiyuiqR9wJ5pn_d-vmPL9uOFtTVuJsjVxkWvvwzhWEP4A@mail.gmail.com>
Date: Mon, 27 Jan 2025 16:43:13 -0800
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: Al Viro <viro@...iv.linux.org.uk>
Cc: Sasha Levin <sashal@...nel.org>, linux-fsdevel@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [git pull] d_revalidate pile
On Mon, 27 Jan 2025 at 16:27, Al Viro <viro@...iv.linux.org.uk> wrote:
>
> struct external_name {
> atomic_t count;
> struct rcu_head head;
> unsigned char name[] __aligned(sizeof(unsigned long));
> };
Btw, now that the external name looks like this, and has a 32-bit hole
on 64-bit, I wonder if we should just add a length to the external
name.
It would be free on 64-bit, and it would actually mean that we could
atomically load the name and the length for external names and never
worry about any overruns.
The internal name would still race, since the length in the dentry can
change at any time under us, but any code that really needs to avoid
an overrun and doesn't take any locks can still do things like
if (name == &dentry->d_iname && len >= DNAME_INLINE_LEN)
.. we know we raced ..
and for things like d_path() or similar at worst it can just limit len
to DNAME_INLINE_LEN-1 or whatever.
I'm thinking mainly dentry_string_cmp(), which currently does things
one byte at a time at least partially for the "I must not overrun a
NUL character because 'len' may be bogus" reason.
Maybe I'm just being silly.
Linus
Powered by blists - more mailing lists