https://bugzilla.kernel.org/show_bug.cgi?id=40512 Summary: EXT4_IOC_MIGRATE is dangerous on directories Product: File System Version: 2.5 Kernel Version: 2.6.39 Platform: All OS/Version: Linux Tree: Mainline Status: NEW Severity: high Priority: P1 Component: ext4 AssignedTo: fs_ext4@xxxxxxxxxxxxxxxxxxxx ReportedBy: benjamin@xxxxxxxxxx Regression: No Using EXT4_IOC_MIGRATE on a non-extent directory seems to have terrible consequences. Consider the following example. "dir" is a old directory without extents. $ ls -la dir/ total 12 drwxr-xr-x 2 benjamin benjamin 4096 Aug 3 20:42 . drwxr-xr-x 47 benjamin benjamin 4096 Aug 3 20:42 .. -rw-r----- 1 benjamin benjamin 7 Aug 3 20:42 something.txt $ cat migrate.c #include <fcntl.h> #include <stdio.h> #include <stdlib.h> int main(int argc, char **argv) { const char *fn = argv[1]; int fd, ret; fd = open(fn, O_RDONLY); /* This invokes EXT4_IOC_MIGRATE. */ ret = ioctl(fd, 0x6609); close(fd); if (ret < 0) { fprintf(stderr, "ioctl failed\n"); return 1; } printf("Migration successful?\n"); return 0; } $ gcc -o migrate migrate.c $ ./migrate dir Migration successful? $ ls -la dir total 0 # !!!!!!!!!!!!!! Also, we why are you allowed to migrate stuff with only O_RDONLY access? -- Configure bugmail: https://bugzilla.kernel.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug. -- To unsubscribe from this list: send the line "unsubscribe linux-ext4" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
