Linux-Fsdevel Archive on lore.kernel.org
 help / color / Atom feed
From: Miklos Szeredi <miklos@szeredi.hu>
To: chrisw@sous-sol.org
Cc: trond.myklebust@fys.uio.no, matthew@wil.cx,
	linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: DoS with POSIX file locks?
Date: Wed, 22 Mar 2006 07:21:54 +0100
Message-ID: <E1FLwjC-0000kJ-00@dorka.pomaz.szeredi.hu> (raw)
In-Reply-To: <20060321191605.GB15997@sorel.sous-sol.org> (message from Chris Wright on Tue, 21 Mar 2006 11:16:05 -0800)

> Concrete breakage.  Something like:
> 
> clone(CLONE_FILES)
>   /* in child */
>   lock
>   execve
>   lock
> 
> w/out the kludge[1], the lock fails.  I should have a test program about
> that I wrote to test this, although it was originally triggered via some
> LTP or LSB type of test (don't recall which).
> 
> thanks,
> -chris
> 
> [1] happy to see it go.

We all agree on this then.

I'm just little paranoid about a real-world app (LTP/LSB don't matter)
relying on the current semantics.

But maybe there's no other way to find out, than to remove
steal_locks() and see if anybody complains.

> i concur with Trond, there's no sane way to get rid of it w/out
> formalizing CLONE_FILES and locks on exec

Probably there is.  It would involve allocating a separate
lock-owner-ID stored in files_struct but separate from it.  But it's
more complicated than simply not propagating locks on exec in the
CLONE_FILES case.

Miklos

  reply index

Thread overview: 26+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2006-03-20 11:41 Miklos Szeredi
2006-03-20 12:11 ` Matthew Wilcox
2006-03-20 12:19   ` Miklos Szeredi
2006-03-20 12:39     ` Matthew Wilcox
2006-03-20 12:52       ` Miklos Szeredi
2006-03-20 13:13         ` Arjan van de Ven
2006-03-20 13:24           ` Miklos Szeredi
2006-03-20 13:30             ` Arjan van de Ven
2006-03-20 13:39               ` Miklos Szeredi
2006-03-20 15:32         ` Matthew Wilcox
2006-03-20 16:41           ` Miklos Szeredi
2006-03-20 20:35             ` J. Bruce Fields
2006-03-21  6:38               ` Miklos Szeredi
2006-03-20 18:22           ` Trond Myklebust
2006-03-21  9:44             ` Miklos Szeredi
2006-03-21 17:28               ` Trond Myklebust
2006-03-21 17:58                 ` Miklos Szeredi
2006-03-21 18:16                   ` Trond Myklebust
2006-03-21 19:16                   ` Chris Wright
2006-03-22  6:21                     ` Miklos Szeredi [this message]
2006-03-22 11:12                       ` Trond Myklebust
2006-03-22 12:16                         ` Miklos Szeredi
2006-03-22 15:56                           ` Trond Myklebust
2006-03-22 16:34                             ` Miklos Szeredi
2006-03-22 20:07                               ` Trond Myklebust
2006-03-22 20:19                                 ` Miklos Szeredi

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=E1FLwjC-0000kJ-00@dorka.pomaz.szeredi.hu \
    --to=miklos@szeredi.hu \
    --cc=chrisw@sous-sol.org \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=matthew@wil.cx \
    --cc=trond.myklebust@fys.uio.no \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Linux-Fsdevel Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-fsdevel/0 linux-fsdevel/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-fsdevel linux-fsdevel/ https://lore.kernel.org/linux-fsdevel \
		linux-fsdevel@vger.kernel.org
	public-inbox-index linux-fsdevel

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-fsdevel


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git