| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <77f5f47510472760ded83b343efb6be9a2afe2b7.camel@kernel.org> Date: Wed, 07 Jan 2026 10:44:00 -0500 From: Jeff Layton <jlayton@...nel.org> To: Christoph Hellwig <hch@...radead.org> Cc: Christian Brauner <brauner@...nel.org>, Al Viro <viro@...iv.linux.org.uk>, Jan Kara <jack@...e.cz>, Steve French <sfrench@...ba.org>, Paulo Alcantara <pc@...guebit.org>, Ronnie Sahlberg <ronniesahlberg@...il.com>, Shyam Prasad N <sprasad@...rosoft.com>, Tom Talpey <tom@...pey.com>, Bharath SM <bharathsm@...rosoft.com>, Trond Myklebust <trondmy@...nel.org>, Anna Schumaker <anna@...nel.org>, Eric Van Hensbergen <ericvh@...nel.org>, Latchesar Ionkov <lucho@...kov.net>, Dominique Martinet <asmadeus@...ewreck.org>, Christian Schoenebeck <linux_oss@...debyte.com>, Andreas Gruenbacher <agruenba@...hat.com>, Xiubo Li <xiubli@...hat.com>, Ilya Dryomov <idryomov@...il.com>, Hans de Goede <hansg@...nel.org>, NeilBrown <neil@...wn.name>, linux-cifs@...r.kernel.org, samba-technical@...ts.samba.org, linux-kernel@...r.kernel.org, linux-nfs@...r.kernel.org, v9fs@...ts.linux.dev, gfs2@...ts.linux.dev, ceph-devel@...r.kernel.org, linux-fsdevel@...r.kernel.org Subject: Re: [PATCH 0/6] vfs: properly deny directory leases on filesystems with special lease handling On Wed, 2026-01-07 at 07:32 -0800, Christoph Hellwig wrote: > On Wed, Jan 07, 2026 at 09:20:08AM -0500, Jeff Layton wrote: > > Long term, I think it would be best to change leases/delegations to be > > an opt-in thing, such that leases are always denied by default if the > > method isn't set. > > Agreed. > > > That's a larger patchset though as we'd need to audit > > all of the file_operations that currently have ->setlease() as NULL. > > Initially you can just wire them up everywhere. But I guess that would > be overkill. That is probably the simplest approach, but there are literally thousands of file_operations structures. Most are in driver code and have no business dealing with leases. Technically, I guess you can set a lease on those fd's today, but likely no one ever does it. We probably also don't really need lease support in (e.g.) sysfs, debugfs, etc. I'm not sure if there is anything that prevents them there. I think what we probably want to do is wire them up in most filesystems under fs/. Basically, in anything that might reasonably be exportable via NFS or SMB, and have the rest deny them. We might get a few regressions with that approach but if so we would have an opportunity to dig into why people are setting leases on these more "exotic" filesystems too. -- Jeff Layton <jlayton@...nel.org>
Powered by blists - more mailing lists