[Top] [All Lists]

Re: [PATCH] xfsqa: test open_by_handle() on unlinked and freed inode clu

To: xfs@xxxxxxxxxxx
Subject: Re: [PATCH] xfsqa: test open_by_handle() on unlinked and freed inode clusters V2
From: Michael Monnerie <michael.monnerie@xxxxxxxxxxxxxxxxxxx>
Date: Thu, 17 Jun 2010 10:07:25 +0200
In-reply-to: <1276756659-12338-1-git-send-email-david@xxxxxxxxxxxxx>
Organization: it-management http://it-management.at
References: <1276756659-12338-1-git-send-email-david@xxxxxxxxxxxxx>
User-agent: KMail/1.12.4 (Linux/; KDE/4.3.5; x86_64; ; )
On Donnerstag, 17. Juni 2010 Dave Chinner wrote:
> Hence if we get a cold cache lookup from a stale handle that
> references such an inode, we can read the inode off disk even though
> it has been deleted because we don't check if the inode is allocated
> or not.  If the inode chunk has not been overwritten, then the inode
> read will succeed and the handle-to-dentry conversion will not error
> out like it is supposed to. The result is that stale NFS filehandles
> and open_by_handle() will succeed incorrectly on unlinked files for
> cold cache lookups.
Wouldn't that qualify as a security problem and be handled as such? 
There should be back ports for "long term support" kernels of security-
sensitive people, and so on.

mit freundlichen Grüssen,
Michael Monnerie, Ing. BSc

it-management Internet Services
http://proteger.at [gesprochen: Prot-e-schee]
Tel: 0660 / 415 65 31

// Wir haben im Moment zwei Häuser zu verkaufen:
// http://zmi.at/langegg/
// http://zmi.at/haus2009/

Attachment: signature.asc
Description: This is a digitally signed message part.

<Prev in Thread] Current Thread [Next in Thread>