On Wed, Nov 02, 2005 at 10:27:22PM +0100, Jan Kasprzak wrote:
> Hello, world!\n
> I have found that after the system crash (e.h. a hard reset or a power
> failure) XFS corrupts files which have been written to just before the crash:
> The result is that those files contain data from random blocks on the
> disk (e.g. from previously deleted files). This can have security/privacy
> implications - users can see the contents of other users' old files.
If you think you have found a security issue, it would be courteous
to at least discuss this with the maintainers first. And since you
are a frequent linux-xfs list poster too, it seems a bit odd that
you're reporting this on linux-kernel instead... *shrug*, whatever.
This issue affects every filesystem, right? Or are you claiming its
only XFS affected here? Have you run your parallel-buffered-writers
test case on any other filesystems? I'd be interested in the results,
in particular, with all of the data=xxx modes of other filesystems.
> either). Does XFS support a something like ext3's "data=ordered" mount
No, it doesn't.
> Otherwise it is pretty unusable on multi-user systems.
That's a ridiculous assertion. While this small metadata vs. buffered-
data-write window exists on _any_ filesystem not using a data=ordered/
data=journaled mode (which I believe is quite a common mode of operation
even on filesystems that offer those modes), it is impossible to exploit
this in any sane way. You'd think people on a multi-user system might
actually notice the machine being frequently rebooted while you try to
tickle this window to get at "interesting" uninitialised freespace, no?
Having said that, a data=ordered mode for XFS would be a nice feature.
It just hasn't reached the top of our priority list, and its not been
offered up as a patch by anyone yet. If anyone's interested in writing
this, they should coordinate with hch and myself - there's a fair bit
of I/O path work being done at the moment, which in the end will make
a data=ordered mode alot easier to implement.