Re: [PATCH] pipefs unique inode numbers

linux-fsdevel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Jeff Layton <jlayton@redhat.com>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Bodo Eggert <7eggert@gmx.de>,
	akpm@osdl.org, dev@sw.ru, linux-kernel@vger.kernel.org,
	linux-fsdevel@vger.kernel.org, torvalds@osdl.org
Subject: Re: [PATCH] pipefs unique inode numbers
Date: Tue, 30 Jan 2007 19:12:53 -0500	[thread overview]
Message-ID: <45BFDF05.8060008@redhat.com> (raw)
In-Reply-To: <Pine.LNX.4.64.0701301454400.3611@woody.linux-foundation.org>

Linus Torvalds wrote:
> 
> On Tue, 30 Jan 2007, Bodo Eggert wrote:
>> change pipefs to use a unique inode number equal to the memory
>> address unless it would be truncated.
> 
> I *really* wouldn't want to expose kernel addresses to user space, it just 
> ends up being a piece of data that they shouldn't have. If we have some 
> security issue, this is just too much kernel information that a bad user 
> could get at.
> 
> 		Linus

Agreed. That was my reasoning for proposing the earlier patch that xor'ed
it with a random value (though that's pretty thin protection too).

I think in hindsight though, just pulling the patch that hashes pipefs
inodes is probably the best thing for now. At some point in the future,
if we decide it's enough of a problem, we can always revisit it.

I'm still planning to look over other callers of new_inode to make a
determination about them wrt to i_ino uniqueness. Many of them are not
as performance sensitive as pipefs, and it might not be such a big deal
to just hash those.

-- Jeff

next prev parent reply	other threads:[~2007-01-31  0:13 UTC|newest]

Thread overview: 8+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2007-01-30 22:40 [PATCH] pipefs unique inode numbers Bodo Eggert
2007-01-30 22:55 ` Linus Torvalds
2007-01-31  0:12   ` Jeff Layton [this message]
2007-01-31  1:19 ` Jeff Layton
2007-01-31  1:28   ` Linus Torvalds
2007-01-31  2:02     ` Jeff Layton
2007-01-31  9:19     ` Kirill Korotaev
2007-01-31  1:37   ` Jeff Layton

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=45BFDF05.8060008@redhat.com \
    --to=jlayton@redhat.com \
    --cc=7eggert@gmx.de \
    --cc=akpm@osdl.org \
    --cc=dev@sw.ru \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=torvalds@linux-foundation.org \
    --cc=torvalds@osdl.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).