linux-fsdevel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Dave Chinner <david@fromorbit.com>
To: Mimi Zohar <zohar@linux.vnet.ibm.com>
Cc: Greg KH <greg@kroah.com>,
	Andrew Morton <akpm@linux-foundation.org>,
	Dmitry Kasatkin <dmitry.kasatkin@intel.com>,
	linux-fsdevel@vger.kernel.org,
	linux-security-module@vger.kernel.org, viro@zeniv.linux.org.uk,
	linux-kernel@vger.kernel.org
Subject: Re: [PATCH v3 1/1] vfs: iversion truncate bug fix
Date: Thu, 5 Jan 2012 15:53:54 +1100	[thread overview]
Message-ID: <20120105045354.GE24466@dastard> (raw)
In-Reply-To: <1325737033.13419.43.camel@falcor>

On Wed, Jan 04, 2012 at 11:17:12PM -0500, Mimi Zohar wrote:
> On Wed, 2012-01-04 at 18:06 -0800, Greg KH wrote:
> > On Wed, Jan 04, 2012 at 04:46:38PM -0800, Andrew Morton wrote:
> > > On Wed, 04 Jan 2012 19:33:49 -0500
> > > Mimi Zohar <zohar@linux.vnet.ibm.com> wrote:
> > > 
> > > > On Wed, 2012-01-04 at 15:28 -0800, Andrew Morton wrote:
> > > > > On Thu, 22 Dec 2011 08:26:30 -0500
> > > > > Mimi Zohar <zohar@linux.vnet.ibm.com> wrote:
> > > > > 
> > > > > > On Thu, 2011-12-22 at 12:54 +0200, Dmitry Kasatkin wrote:
> > > > > > > When a file is truncated with truncate()/ftruncate() and then closed,
> > > > > > > iversion is not updated. This patch uses ATTR_SIZE flag as an indication
> > > > > > > to increment iversion.
> > > > > > > 
> > > > > > > Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
> > > > > > 
> > > > > > Acked-by: Mimi Zohar <zohar@us.ibm.com> 
> > > > > > (Stable should be cc'ed on this patch.)
> > > > > 
> > > > > why?
> > > > 
> > > > Why backported?
> > > 
> > > Yes.  If you want to submit the patch to the -stable maintainer then
> > > you should explain to him why the fix is important enough to warrant
> > > doing that.  That involves explaining the user-visible effects of
> > > the bug.
> > > 
> > > >  The IMA measurement list could be incomplete.
> > > 
> > > In more detail than this.  Maybe he knows what the above sentence
> > > means, but I sure don't.
> > 
> > Nope, I don't either :)
> 
> On fput(), i_version is used to detect and flag files that have changed
> and need to be re-measured in the IMA measurement policy.  When a file
> is truncated with truncate()/ftruncate() and then closed, i_version is
> not updated.  As a result, although the file has changed, it will not be
> re-measured and added to the IMA measurement list on subsequent access.

That's seems like a rather unreliable way of detecting that a file
has changed to me.  I mean, only ext4 uses inode_inc_version() when
it internally dirties an inode, and only ext4 sets the MS_I_VERSION
so that inode_inc_version is only called for ext4 inodes when
timestamps change.

Other filesystems randomly open code i_version inrements, and many
don't touch it at all when inodes are changed, so it this really
doesn't seem like anything anyone can rely on for detecting changes
except maybe for ext4 users.

Hence just adding an increment to the truncate case doesn't seem to
be sufficient to me. e.g. what about the equivalent case of having a
hole punched in the file via fallocate? The file has definitely
changed, but i_version won't change....

Perhaps bumping i_version in __mark_inode_dirty() might be the best
way to capture all changes (other than timestamp updates) to any
inode regardless of the filesystem type?

Cheers,

Dave.
-- 
Dave Chinner
david@fromorbit.com

  reply	other threads:[~2012-01-05  4:53 UTC|newest]

Thread overview: 18+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2011-12-22 10:54 [PATCH v3 1/1] vfs: iversion truncate bug fix Dmitry Kasatkin
2011-12-22 13:26 ` Mimi Zohar
2012-01-04 23:28   ` Andrew Morton
2012-01-05  0:33     ` Mimi Zohar
2012-01-05  0:46       ` Andrew Morton
2012-01-05  2:06         ` Greg KH
2012-01-05  4:17           ` Mimi Zohar
2012-01-05  4:53             ` Dave Chinner [this message]
2012-01-05 18:14               ` Christoph Hellwig
2012-01-05 19:49                 ` Mimi Zohar
2012-01-05 21:36                 ` J. Bruce Fields
2012-01-05 22:27                 ` Mimi Zohar
2012-01-05 16:54             ` Greg KH
2012-01-05 17:19               ` Mimi Zohar
2012-01-05 18:39                 ` James Bottomley
2012-01-05 22:30                   ` Andrew Morton
2012-01-05 23:09                     ` Mimi Zohar
2012-01-13 10:13                     ` Kasatkin, Dmitry

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20120105045354.GE24466@dastard \
    --to=david@fromorbit.com \
    --cc=akpm@linux-foundation.org \
    --cc=dmitry.kasatkin@intel.com \
    --cc=greg@kroah.com \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-security-module@vger.kernel.org \
    --cc=viro@zeniv.linux.org.uk \
    --cc=zohar@linux.vnet.ibm.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).