Hello Jan,
On Wed, Nov 02, 2005 at 10:27:22PM +0100, Jan Kasprzak wrote:
> Hello, world!\n
>
> I have found that after the system crash (e.h. a hard reset or a power
> failure) XFS corrupts files which have been written to just before the crash:
> The result is that those files contain data from random blocks on the
> disk (e.g. from previously deleted files). This can have security/privacy
> implications - users can see the contents of other users' old files.
If you think you have found a security issue, it would be courteous
to at least discuss this with the maintainers first. And since you
are a frequent linux-xfs list poster too, it seems a bit odd that
you're reporting this on linux-kernel instead... *shrug*, whatever.
This issue affects every filesystem, right? Or are you claiming its
only XFS affected here? Have you run your parallel-buffered-writers
test case on any other filesystems? I'd be interested in the results,
in particular, with all of the data=xxx modes of other filesystems.
> either). Does XFS support a something like ext3's "data=ordered" mount
> option?
No, it doesn't.
> Otherwise it is pretty unusable on multi-user systems.
That's a ridiculous assertion. While this small metadata vs. buffered-
data-write window exists on _any_ filesystem not using a data=ordered/
data=journaled mode (which I believe is quite a common mode of operation
even on filesystems that offer those modes), it is impossible to exploit
this in any sane way. You'd think people on a multi-user system might
actually notice the machine being frequently rebooted while you try to
tickle this window to get at "interesting" uninitialised freespace, no?
Having said that, a data=ordered mode for XFS would be a nice feature.
It just hasn't reached the top of our priority list, and its not been
offered up as a patch by anyone yet. If anyone's interested in writing
this, they should coordinate with hch and myself - there's a fair bit
of I/O path work being done at the moment, which in the end will make
a data=ordered mode alot easier to implement.
cheers.
--
Nathan
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]