Linux developers discuss whether to remove ReiserFS

What is Linux and what is it for?

matthew wilcox oracle, known for creating the nvme driver (NVM Express) and the mechanism for direct access to the DAX file system, suggested removing the ReiserFS filesystem from the Linux kernel by analogy with the deprecated ext and xiafs filesystems or by shortening the ReiserFS code, leaving only "read-only" support.

It is mentioned that the reason for removal was additional difficulties with the update of the kernel infrastructure, caused by the fact that, specifically for ReiserFS, developers are forced to leave the deprecated flag handler AOP_FLAG_CONT_EXPAND in the kernel, as ReiserFS is still the only filesystem that uses this "write_begin" function » in the Kernel.

At the same time, the last fix in the ReiserFS code dates back to 2019, and it is unclear how much demand this FS is in and if they continue to use it.

Given this, a SUSE developer agreed in that ReiserFS is on its way to deprecation, but it's not clear if it's deprecated enough to be removed from the kernel, as it mentions that ReiserFS continues to ship with openSUSE and SLES, but the file system's user base is small and shrinking.

For corporate users, ReiserFS support on SUSE was discontinued 3-4 years ago and the ReiserFS module is not included with the kernel by default. As an option, Ian suggested that we start displaying a deprecation warning when mounting ReiserFS partitions and consider this filesystem ready for removal if no one informs us of the desire to continue using this filesystem in a year or two.

Edward Shishkin, which maintains the ReiserFS file system, joined the discussion and provided a patch that removes the use of the AOP_FLAG_CONT_EXPAND flag of the ReiserFS code. Matthew Wilcox accepted the patch on his build. Therefore, the reason for the removal was removed, and the question of excluding ReiserFS from the kernel can be considered postponed for quite some time.

It will not be possible to completely rule out the issue of ReiserFS deprecation due to kernel exclusion work on file systems with an unresolved issue of 2038.

For example, for this reason, a schedule has already been prepared to remove the fourth version of the XFS file system format from the kernel (The new XFS format was proposed in kernel 5.10 and changed the time counter overflow to 2468.) The XFS v4 build will be disabled by default in 2025 and the code will be removed in 2030). It is proposed to develop a similar timeline for ReiserFS, providing at least five years for migration to other file systems or a modified metadata format.

Besides that, It also stands out which was made known a few days ago the news of the vulnerability (CVE-2022-25636) in Netfilter, which could allow kernel-level code execution.

The vulnerability is due to an error in calculating the size of the flow->rule->action.entries array in the nft_fwd_dup_netdev_offload function (defined in the net/netfilter/nf_dup_netdev.c file), which can cause data controlled by the attacker writes to a memory area outside of the allocated buffer.

The error manifests itself when configuring the "dup" and "fwd" rules on chains for which hardware acceleration of packet processing (download) is used. Because the overflow occurs before the packet filter rule is created and offload support is verified, the vulnerability also applies to network devices that do not support hardware acceleration, such as a loopback interface. .

It is observed that the problem is quite easy to exploit, since values ​​that go beyond the buffer can overwrite the pointer to the net_device structure, and data about the overwritten value is returned to user space, allowing the addresses in memory needed to carry out the attack to be ascertained.

Exploiting vulnerability requires the creation of certain rules in nftables, which is only possible with CAP_NET_ADMIN privileges, which can be obtained by a non-privileged user in a separate network namespace (Network Namespaces). The vulnerability can also be used to attack container isolation systems.

An example of an exploit has been announced that allows a local user to elevate their privileges on Ubuntu 21.10 with the KASLR security mechanism disabled. The problem manifests itself as of kernel 5.4. Solution is still available as a patch.


A comment, leave yours

Leave a Comment

Your email address will not be published. Required fields are marked with *

*

*

  1. Responsible for the data: AB Internet Networks 2008 SL
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.

  1.   Diego German Gonzalez said

    The creator of the file format has been serving a sentence since 2008 for having murdered the woman. Supposedly it would come out next year. Maybe he gets his act together and solves all the problems.
    In any case, it is an example of the advantages of open source that projects continue beyond people.