[PATCH] UBUNTU: [Config] ext3 defaults to ordered mode

Stefan Bader stefan.bader at canonical.com
Thu Jan 21 13:35:33 UTC 2010


Tim Gardner wrote:
> Surbhi Palande wrote:
>> This patch fixes bug 510067 on launchpad.
>> This patch enables the compile time option CONFIG_EXT3_DEFAULTS_TO_ORDERED
>> to ensure the data=ordered mode for an ext3 fs mount. This prevents a security 
>> threat of older data being inadvertently exposed, that arises from mounting the
>> ext3 fs with the data=writeback mode.
>>
>> Do consider merging this for Karmic.
>>
>>
>> From 6978a248df3aab38476659e164020b35f7b227ad Mon Sep 17 00:00:00 2001
>> From: Surbhi Palande <surbhi.palande at canonical.com>
>> Date: Wed, 20 Jan 2010 15:28:31 +0200
>> Subject: [PATCH] UBUNTU: [Config] ext3 defaults to ordered mode
>>
>> BugLink: http://bugs.launchpad.net/bugs/510067
>> Ignore: yes
>>
>> To prevent a security threat of older data being inadvertently exposed,
>> the default mount option of ext3 should be ordered instead of writeback. This
>> patch enables the compile time option CONFIG_EXT3_DEFAULTS_TO_ORDERED
>> to ensure the data=ordered mode for an ext3 fs mount.
>>
>> Signed-off-by: Surbhi Palande <surbhi.palande at canonical.com>
>> ---
>>  debian.master/config/config.common.ports  |    2 +-
>>  debian.master/config/config.common.ubuntu |    2 +-
>>  2 files changed, 2 insertions(+), 2 deletions(-)
>>
>> diff --git a/debian.master/config/config.common.ports b/debian.master/config/config.common.ports
>> index 39ee289..4e22aeb 100644
>> --- a/debian.master/config/config.common.ports
>> +++ b/debian.master/config/config.common.ports
>> @@ -817,7 +817,7 @@ CONFIG_EXT2_FS_POSIX_ACL=y
>>  CONFIG_EXT2_FS_SECURITY=y
>>  CONFIG_EXT2_FS_XATTR=y
>>  # CONFIG_EXT2_FS_XIP is not set
>> -# CONFIG_EXT3_DEFAULTS_TO_ORDERED is not set
>> +CONFIG_EXT3_DEFAULTS_TO_ORDERED=y
>>  CONFIG_EXT3_FS=y
>>  CONFIG_EXT3_FS_POSIX_ACL=y
>>  CONFIG_EXT3_FS_SECURITY=y
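Review bot: The commit message should say that `CONFIG_EXT3_DEFAULTS_TO_ORDERED=y` in config.common.ports only changes the mode used when no data mode is specified. An ext3 filesystem mounted with an explicit data=writeback option keeps writeback behaviour, so the stale-data exposure described in the message still applies there. Please add a sentence to that effect so that administrators know to check their mount options as well.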
>> diff --git a/debian.master/config/config.common.ubuntu b/debian.master/config/config.common.ubuntu
>> index 462c1c1..2477234 100644
>> --- a/debian.master/config/config.common.ubuntu
>> +++ b/debian.master/config/config.common.ubuntu
>> @@ -943,7 +943,7 @@ CONFIG_EXT2_FS_POSIX_ACL=y
>>  CONFIG_EXT2_FS_SECURITY=y
>>  CONFIG_EXT2_FS_XATTR=y
>>  # CONFIG_EXT2_FS_XIP is not set
>> -# CONFIG_EXT3_DEFAULTS_TO_ORDERED is not set
>> +CONFIG_EXT3_DEFAULTS_TO_ORDERED=y
>>  CONFIG_EXT3_FS=y
>>  CONFIG_EXT3_FS_POSIX_ACL=y
>>  CONFIG_EXT3_FS_SECURITY=y
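Review bot: The justification for `CONFIG_EXT3_DEFAULTS_TO_ORDERED=y` in config.common.ubuntu is incomplete. The commit message gives only the security rationale, while the thread also cites a filesystem corruption report after a crash, an expected performance impact, and the fact that ordered was the default before this option existed. Please record those points in the commit message so the trade-off is documented alongside the config change.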
> 
> Since we're already thinking about performance degradation with ext4, is
> this going to have an adverse impact on ext3 performance? It seems to me
> that the vulnerability window that this closes is vanishingly small, and
> really only applies to multi-user machines (I think). After all, who
> cares if the vulnerability exists on your laptop? You're likely the only
> user anyway.
> 
> rtg

It will have an impact. But it has not only the security side but also the data
consistency side to it. There seems to be an overall bigger tendency to think of
the ordered option as being preferable. The initial trigger to look at this
was a report of an fs corruption after a crash. Plus it was our default before
the config option was introduced. And we just failed to notice they silently
changed the default there.

-Stefan



