| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 6 Feb 2024 04:00:13 -0500 From: Kent Overstreet <kent.overstreet@...ux.dev> To: Amir Goldstein <amir73il@...il.com> Cc: Dave Chinner <david@...morbit.com>, linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org, linux-btrfs@...r.kernel.org, linux-xfs@...r.kernel.org, linux-ext4@...r.kernel.org, Christian Brauner <brauner@...nel.org>, Jan Kara <jack@...e.cz>, Dave Chinner <dchinner@...hat.com>, "Darrick J. Wong" <djwong@...nel.org>, Theodore Ts'o <tytso@....edu>, linux-fsdevel@...r.kernel.or, Miklos Szeredi <miklos@...redi.hu> Subject: Re: [PATCH 2/6] fs: FS_IOC_GETUUID On Tue, Feb 06, 2024 at 10:24:45AM +0200, Amir Goldstein wrote: > On Tue, Feb 6, 2024 at 12:49 AM Kent Overstreet > <kent.overstreet@...ux.dev> wrote: > > > > On Tue, Feb 06, 2024 at 09:17:58AM +1100, Dave Chinner wrote: > > > On Mon, Feb 05, 2024 at 03:05:13PM -0500, Kent Overstreet wrote: > > > > Add a new generic ioctls for querying the filesystem UUID. > > > > > > > > These are lifted versions of the ext4 ioctls, with one change: we're not > > > > using a flexible array member, because UUIDs will never be more than 16 > > > > bytes. > > > > > > > > This patch adds a generic implementation of FS_IOC_GETFSUUID, which > > > > reads from super_block->s_uuid; FS_IOC_SETFSUUID is left for individual > > > > filesystems to implement. > > > > > > It's fine to have a generic implementation, but the filesystem should > have the option to opt-in for a specific implementation. > > There are several examples, even with xfs and btrfs where ->s_uuid > does not contain the filesystem's UUID or there is more than one > uuid and ->s_uuid is not the correct one to expose to the user. Yeah, some of you were smoking some good stuff from the stories I've been hearing... > A model like ioctl_[gs]etflags() looks much more appropriate > and could be useful for network filesystems/FUSE as well. A filesystem needs to store two UUIDs (that identify the filesystem as a whole). - Your internal UUID, which can never change because it's referenced in various other on disk data structures - Your external UUID, which identifies the filesystem to the outside world. Users want to be able to change this - which is why it has to be distinct from the internal UUID. The internal UUID must never be exposed to the outside world, and that includes the VFS; storing your private UUID in sb->s_uuid is wrong - separation of concerns. yes, I am aware of fscrypt, and yes, someone's going to have to fix that. This interface is only for the external/public UUID.
Powered by blists - more mailing lists