| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 28 Jul 2023 21:20:48 -0700
From: Eric Biggers <ebiggers@...nel.org>
To: Gabriel Krisman Bertazi <krisman@...e.de>
Cc: viro@...iv.linux.org.uk, brauner@...nel.org, tytso@....edu,
jaegeuk@...nel.org, linux-fsdevel@...r.kernel.org,
linux-ext4@...r.kernel.org, linux-f2fs-devel@...ts.sourceforge.net,
Gabriel Krisman Bertazi <krisman@...labora.com>
Subject: Re: [PATCH v4 3/7] libfs: Validate negative dentries in
case-insensitive directories
On Thu, Jul 27, 2023 at 01:28:39PM -0400, Gabriel Krisman Bertazi wrote:
> - In __lookup_slow, either the parent inode is read locked by the
> caller (lookup_slow), or it is called with no flags (lookup_one*).
> The read lock suffices to prevent ->d_name modifications, with the
> exception of one case: __d_unalias, will call __d_move to fix a
> directory accessible from multiple dentries, which effectively swaps
> ->d_name while holding only the shared read lock. This happens
> through this flow:
>
> lookup_slow() //LOOKUP_CREATE
> d_lookup()
> ->d_lookup()
> d_splice_alias()
> __d_unalias()
> __d_move()
>
> Nevertheless, this case is not a problem because negative dentries
> are not allowed to be moved with __d_move.
Isn't it possible for a negative dentry to become a positive one concurrently?
- Eric
Powered by blists - more mailing lists