| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aQQ0DLqL0iVN7D15@arch-box> Date: Thu, 30 Oct 2025 23:59:08 -0400 From: Albin Babu Varghese <albinbabuvarghese20@...il.com> To: Heming Zhao <heming.zhao@...e.com> Cc: Ahmet Eray Karadag <eraykrdg1@...il.com>, mark@...heh.com, jlbec@...lplan.org, joseph.qi@...ux.alibaba.com, ocfs2-devel@...ts.linux.dev, linux-kernel@...r.kernel.org, david.hunter.linux@...il.com, skhan@...uxfoundation.org, syzbot+b93b65ee321c97861072@...kaller.appspotmail.com Subject: Re: [RFC RFT PATCH] ocfs2: Mark inode bad upon validation failure during read Hi Heming, Thanks for the feedback. > > I had one question about your proposal to combine this patch with > > Albin's [1]. When you mentioned, "We should forbid any write > > operations," were you referring to Albin's read-only check in > > ocfs2_setattr as the mechanism to "forbid" the operation? Or > > were you suggesting we should use the inode size sanity check > > itself (e.g., by converting the BUG_ON to an -EIO return) > > as that mechanism? > > > > The 'forbid' refers to the read-only check in ocfs2_setattr. > We can refer to ext4_setattr(), which calls ext4_emergency_state() > to forbid write operations. I just looked at the ext4 implementation you mentioned. When we were working on it, I actually referenced how XFS's setattr was handling this because I couldn't find the exact ext4 implementation for this at the time, so I wasn't sure. From what I understand now, ext4 is doing something similar too. If everything looks good, we can combine these two patches and send them as a patch series. Best, Albin
Powered by blists - more mailing lists