Thread (11 messages) 11 messages, 4 authors, 2012-06-12

Re: [PATCH 5/4] exofs: Handle error from d_splice_alias()

From: Jan Kara <jack@suse.cz>
Date: 2012-06-12 09:04:12
Also in: linux-fsdevel

On Mon 11-06-12 15:01:08, Ted Tso wrote:
On Mon, Jun 11, 2012 at 06:41:30PM +0300, Boaz Harrosh wrote:
quoted
My point being that please any changes made to ext2, in this area please also
apply to exofs, since it is just another copy/paste of ext2. I'll ACK any
which way you guys decide to properly go with, as part of the VFS changes.
Well, I already have this quick and dirty fix to address the problem
in ext4.  See commit 7e936b7372.  If we need to make changes to all of
the file systems to accomodate some new VFS abstraction, it might be
worth considering whether it's easier/simpler to just put in a quick
check like I did for ext4 (just so I could plug the security hole[1]
quickly).

[1] It's a denial of service attack for kiosks that do automounts of
USB sticks; granted, it's not that big a of a security deal, but some
people care about such things.

Of course, if the new/changed VFS abstraction solves other problems,
that's cool, but if not, sometimes a simple brute force check is
better than something complicated if elegant.  :-)
  I think that fix in ext4 is fine. Just you don't catch the situation when
the directory entry points e.g. to a parent and that's deadlockable
trivially as well. Even if it points to some unrelated directory, you can
easily deadlock rename which tries to lock both directories. So I attempted
for a fix in VFS because that's the only place having enough information to
be able to tell whether you are creating directory hardlink or not.

								Honza
-- 
Jan Kara [off-list ref]
SUSE Labs, CR
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help