From: Al Viro <viro@ZenIV.linux.org.uk>
To: Dan Luedtke <mail@danrl.de>
Cc: Jochen Striepe <jochen@tolot.escape.de>,
Marco Stornelli <marco.stornelli@gmail.com>,
linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org,
lanyfs@librelist.com
Subject: Re: [PATCH] fs: Introducing Lanyard Filesystem
Date: Sun, 19 Aug 2012 15:27:32 +0100 [thread overview]
Message-ID: <20120819142732.GB23464@ZenIV.linux.org.uk> (raw)
In-Reply-To: <1345390432.2716.34.camel@tunafish>
On Sun, Aug 19, 2012 at 05:33:52PM +0200, Dan Luedtke wrote:
> Still wondering if anyone bothers to actually look at the code?
Some obvious notes:
* unlimited recursion is a killer; here its depth is controlled
by the fs image contents and it's trivial to cook one that would overflow
kernel stack. Seeing that you want to use it for removable media, that's
a gaping security hole right there
* unlink() does *not* truncate the file contents; file that had been
opened and unlinked should keep its contents until it's closed. The same
goes for overwriting rename().
* while we are at it, neither of those should free the on-disk
inode; again, that should happen only when the inode is evicted.
* I might be missing something, but copying a bunch of files
with something like cp /foo/* /mnt seems to be guaranteed to create
really lousy binary tree in target directory (they will go in lexicographical
order and you don't seem to rebalance the tree at all)
* you are really abusing iget() there. Leaving the locking issues
aside, that's going to get you icache filled with irrelevant stuff. Moreover,
it's far too heavy a club; allocating and filling struct inode when all you
really need is name and a couple of pointers in the disk block?
* minor point, but endianness-flipping in place is *the* way to get
hard-to-catch endianness bugs. foo = cpu_to_le64(foo) is a bloody bad idea;
either use object for host-endian all along, or use it only for (in your
case) little-endian.
next prev parent reply other threads:[~2012-08-19 14:27 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-08-18 23:38 [PATCH] fs: Introducing Lanyard Filesystem Dan Luedtke
2012-08-18 22:06 ` Alan Cox
2012-08-18 22:16 ` richard -rw- weinberger
[not found] ` <c925f795-28d8-4e6d-8131-9a14d6e83659@email.android.com>
2012-08-18 22:27 ` richard -rw- weinberger
2012-08-19 10:12 ` Dan Luedtke
2012-08-19 10:14 ` Marco Stornelli
2012-08-19 13:34 ` Dan Luedtke
2012-08-19 12:02 ` Jochen Striepe
2012-08-19 15:33 ` Dan Luedtke
2012-08-19 14:07 ` Jochen Striepe
2012-08-19 14:27 ` Al Viro [this message]
2012-08-19 16:53 ` Dan Luedtke
2012-08-19 15:12 ` Al Viro
2012-08-19 15:24 ` Marco Stornelli
2012-08-20 17:36 ` Dan Luedtke
2012-08-19 21:04 ` Theodore Ts'o
2012-08-19 21:20 ` Andi Kleen
2012-08-19 23:06 ` Carlos Alberto Lopez Perez
2012-08-20 0:47 ` Theodore Ts'o
2012-08-20 6:07 ` Raymond Jennings
2012-08-20 6:49 ` Oliver Neukum
2012-08-20 9:12 ` Alexander Thomas
2012-08-20 13:21 ` Theodore Ts'o
2012-08-22 8:38 ` Arnd Bergmann
2012-08-20 11:36 ` Pavel Machek
2012-08-20 12:49 ` Ronnie Collinson
2012-08-20 17:48 ` Dan Luedtke
2012-08-19 13:25 ` Marco Stornelli
2012-08-19 15:45 ` Dan Luedtke
2012-08-22 9:53 ` Jan Engelhardt
2012-08-21 6:09 ` Vyacheslav Dubeyko
2012-08-23 17:29 ` Eric W. Biederman
2012-08-24 11:50 ` Prashant Shah
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20120819142732.GB23464@ZenIV.linux.org.uk \
--to=viro@zeniv.linux.org.uk \
--cc=jochen@tolot.escape.de \
--cc=lanyfs@librelist.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mail@danrl.de \
--cc=marco.stornelli@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).