On Sat, Aug 04, 2007 at 09:16:35PM +0200, Florian Weimer wrote:
> * Andrew Morton:
>
> > The easy preventive is to mount with data=writeback. Maybe that should
> > have been the default.
>
> The documentation I could find suggests that this may lead to a
> security weakness (old data in blocks of a file that was grown just
> before the crash leaks to a different user). XFS overwrites that data
> with zeros upon reboot, which tends to irritate users when it happens.
XFS has never overwritten data on reboot. It leaves holes when the kernel has
failed to write out data. A hole == zeros so XFS does not expose stale data in
this situation. As it is, the underlying XFS problem (lack of synchronisation
between inode size update and data writes has been mostly fixed in 2.6.22 by
only updating the file size to be written to disk on data I/O completion.
FWIW, fsync() would prevent this from happening, but many application writers
seem strangely reluctant to put fsync() calls into code to ensure the data
they write is safely on disk.....
Cheers,
Dave.
--
Dave Chinner
Principal Engineer
SGI Australian Software Group
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
