Date: Mon, 28 Aug 2017 04:31:40 +0200 From: Cedric Blancher <cedric.blancher@gmail.com> To: "freebsd-hackers@freebsd.org" <freebsd-hackers@freebsd.org> Subject: Re: [PATCH] O_NOATIME support for open(2) Message-ID: <CALXu0UdK5uR4caUORYGSCeP0pvGVxG6gLDK=vSL8pFGyt7uKDg@mail.gmail.com> In-Reply-To: <20170826161827.GA21456@schoggimuss.roe.ch> References: <20170826161827.GA21456@schoggimuss.roe.ch>
next in thread | previous in thread | raw e-mail | index | archive | help
You know, this was long discussed in a Solaris rfe, and it was found that O_NOATIME has serious security implications and can be used to circumvent atime-based monitoring. So basically, you open a security hole with this. Ced On 26 August 2017 at 18:18, Daniel Roethlisberger <daniel@roe.ch> wrote: > I'm trying to implement O_NOATIME support for open(2) in order to > provide a more elegant way for backup/archiving software to > prevent atime clobbering. Except for a 2008 thread on this list > I did not find any material; not sure if anybody is interested in > this or if there are reasons why this was never implemented. > > The attached patch against 11.1 implements O_NOATIME support for > open(2); it prevents read(2) and mmap(2) from clobbering atime if > the file descriptor was opened with O_NOATIME. O_NOATIME is only > permitted for root and the owner of the file. Currently it is > only implemented for ufs/ffs. It seems to work for me but has > not been extensively tested. > > I am interested in feedback from people who know their way around > I/O and VFS code before I extend this to other file systems, make > O_NOATIME tunable by fcntl(2), wire it to the Linux compat layer > and write docs. Does the implementation look sane? Did I miss > something important? > > Specifically, is there a better way to pass O_NOATIME into > vm_mmap_vnode other than adding an additional boolean_t argument? > I did not use an additional mmap flag because that would have > required additional logic to prevent userland from passing the > flag to the mmap syscall. > > Daniel > > -- > Daniel Roethlisberger > http://daniel.roe.ch/ > > > _______________________________________________ > freebsd-hackers@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-hackers > To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org" -- Cedric Blancher <cedric.blancher@gmail.com> [https://plus.google.com/u/0/+CedricBlancher/] Institute Pasteur
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CALXu0UdK5uR4caUORYGSCeP0pvGVxG6gLDK=vSL8pFGyt7uKDg>