From: Andrea Arcangeli <andrea@novell.com>
To: Helge Hafting <helge.hafting@hist.no>
Cc: William Lee Irwin III <wli@holomorphy.com>,
Andrew Morton <akpm@osdl.org>,
linux-kernel@vger.kernel.org, an.li.wang@intel.com
Subject: Re: truncate shows non zero data beyond the end of the inode with MAP_SHARED
Date: Fri, 17 Sep 2004 15:52:57 +0200 [thread overview]
Message-ID: <20040917135257.GV15426@dualathlon.random> (raw)
In-Reply-To: <414AEB5E.30803@hist.no>
On Fri, Sep 17, 2004 at 03:49:18PM +0200, Helge Hafting wrote:
> I am assuming that the "garbage" between i_size and the
> page boundary is stuff left over from whatever that
> memory page was used for earlier? If so, it could be
> 4095 bytes out of the 4096 that was used to cache some
> other file earlier. Possibly someone else's confidential file.
> Or a piece of some network package that was processed a while ago.
I see what you mean now, but this is not the case, the new page is
cleared by block_truncate_page, as Andrew pointed out. So when we get a
new partial page we zero out the content beyond the end of the inode.
It's when we extend again that we don't do anything on such partial page
previously processed and zeroed-out by block_truncate_page. So there
can't be some network data processed a while ago, or other random memory
content. It's just up to the application to be correct and not to write
its own data beyond the end of the i_size if it doesn't want this data
to hit disk (and other data will be written anyways below the i_size,
which has the same issue). So basically I don't see any security issue.
next prev parent reply other threads:[~2004-09-17 13:53 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-09-15 12:29 truncate shows non zero data beyond the end of the inode with MAP_SHARED Andrea Arcangeli
2004-09-15 12:46 ` Alan Cox
2004-09-15 21:01 ` William Lee Irwin III
2004-09-15 21:55 ` Andrew Morton
2004-09-15 22:00 ` William Lee Irwin III
2004-09-15 22:08 ` Andrea Arcangeli
2004-09-16 8:49 ` Helge Hafting
2004-09-16 14:26 ` Andrea Arcangeli
2004-09-17 13:49 ` Helge Hafting
2004-09-17 13:52 ` Andrea Arcangeli [this message]
2004-09-17 13:54 ` William Lee Irwin III
2004-09-15 22:04 ` Andrea Arcangeli
2004-09-15 21:58 ` Andrea Arcangeli
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20040917135257.GV15426@dualathlon.random \
--to=andrea@novell.com \
--cc=akpm@osdl.org \
--cc=an.li.wang@intel.com \
--cc=helge.hafting@hist.no \
--cc=linux-kernel@vger.kernel.org \
--cc=wli@holomorphy.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox