| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20251106180103.923856-1-mjguzik@gmail.com>
Date: Thu, 6 Nov 2025 19:00:58 +0100
From: Mateusz Guzik <mjguzik@...il.com>
To: brauner@...nel.org
Cc: viro@...iv.linux.org.uk,
jack@...e.cz,
linux-kernel@...r.kernel.org,
linux-fsdevel@...r.kernel.org,
linux-ext4@...r.kernel.org,
tytso@....edu,
torvalds@...ux-foundation.org,
josef@...icpanda.com,
linux-btrfs@...r.kernel.org,
Mateusz Guzik <mjguzik@...il.com>
Subject: [PATCH v2 0/4] permission check avoidance during lookup
To quote from patch 1:
<quote>
Vast majority of real-world lookups happen on directories which are
traversable by anyone. Figuring out that this holds for a given inode
can be done when instantiating it or changing permissions, avoiding the
overhead during lookup. Stats below.
A simple microbench of stating /usr/include/linux/fs.h on ext4 in a loop
on Sapphire Rapids (ops/s):
before: 3640352
after: 3797258 (+4%)
</quote>
During a kernel build about 90% of all lookups managed to skip
permission checks in my setup, see the commit message for a breakdown.
WARNING: more testing is needed for correctness, but I'm largely happy
with the state as is.
WARNING: I'm assuming the following bit is applied:
diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c
index 78ea864fa8cd..eaf776cd4175 100644
--- a/fs/ext4/inode.c
+++ b/fs/ext4/inode.c
@@ -5518,6 +5518,10 @@ struct inode *__ext4_iget(struct super_block *sb, unsigned long ino,
goto bad_inode;
brelse(iloc.bh);
+ /* Initialize the "no ACL's" state for the simple cases */
+ if (!ext4_test_inode_state(inode, EXT4_STATE_XATTR) && !ei->i_file_acl)
+ cache_no_acl(inode);
+
unlock_new_inode(inode);
return inode;
Lack of the patch does not affect correctness, but it does make the
patch ineffective for ext4. I did not include it in the posting as other
people promised to sort it out.
Discussion is here with an ack from Jan:
https://lore.kernel.org/linux-fsdevel/kn44smk4dgaj5rqmtcfr7ruecixzrik6omur2l2opitn7lbvfm@rm4y24fcfzbz/T/#m30d6cea6be48e95c0d824e98a328fb90c7a5766d
and full thread:
https://lore.kernel.org/linux-fsdevel/kn44smk4dgaj5rqmtcfr7ruecixzrik6omur2l2opitn7lbvfm@rm4y24fcfzbz/T/#t
v2:
- productize
- btrfs and tmpfs support
Mateusz Guzik (4):
fs: speed up path lookup with cheaper MAY_EXEC checks
ext4: opt-in for IOP_MAY_FAST_EXEC
btrfs: opt-in for IOP_MAY_FAST_EXEC
tmpfs: opt-in for IOP_MAY_FAST_EXEC
fs/attr.c | 1 +
fs/btrfs/inode.c | 12 +++++-
fs/ext4/inode.c | 2 +
fs/ext4/namei.c | 1 +
fs/namei.c | 95 +++++++++++++++++++++++++++++++++++++++++++++-
fs/posix_acl.c | 1 +
fs/xattr.c | 1 +
include/linux/fs.h | 21 +++++++---
mm/shmem.c | 9 +++++
9 files changed, 134 insertions(+), 9 deletions(-)
--
2.48.1
Powered by blists - more mailing lists