ntfs kernel module

Alexandre Oliva aoliva at redhat.com
Tue Oct 26 21:56:18 UTC 2004


On Oct 26, 2004, "Robert P. J. Day" <rpjday at mindspring.com> wrote:

> On Tue, 26 Oct 2004, Alexandre Oliva wrote:

>> All it takes is a bit of incorrect memory management in the kernel.
>> As soon as you corrupt kernel data structures, all bets are off.  Say,
>> double-free of a pointer to an ntfs read-only buffer could corrupt
>> whatever data structure that buffer was being reused for after the
>> first free.

> i've always wondered about this -- i still don't see how that could
> corrupt the NTFS structure *on* *disk*.  sure, it's entirely possible
> that the cached NTFS info in RAM might get screwed, you might lose the
> ability to *read* files from the hard drive.

Not only that.  It may screw any data structures whatsoever.  It
could, for example, mark as dirty another unrelated page that was not
supposed to be dirty, and then, if that page happens to get a bit of
the memory corruption too, it will eventually make it to disk (if the
system doesn't crash first).

> if i mount a filesystem read-only, i expect it never to be altered.
> doesn't NTFS use the same VFS layer as everyone else?

If nothing corrupts memory, yes.  If there's a single module getting
internal data structures messed up, all bets are off.

-- 
Alexandre Oliva             http://www.ic.unicamp.br/~oliva/
Red Hat Compiler Engineer   aoliva@{redhat.com, gcc.gnu.org}
Free Software Evangelist  oliva@{lsd.ic.unicamp.br, gnu.org}
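
The failure chain described in this message, as an added example that is not part of the original post and is not kernel or ntfs code. It is a toy slot allocator in which a double free lets an unrelated write set the dirty flag of a page belonging to a read-only mount, so writeback alters the disk. All names, both struct layouts and block number 7 are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Toy model, constructed for illustration; not kernel or ntfs code. */
#define NSLOTS 4
#define NBLOCKS 8
struct page { char data[8]; int dirty; int block; }; /* cached disk block */
struct msg  { char text[8]; int seq; };              /* unrelated object type */

static struct page slots[NSLOTS];       /* one shared object cache */
static int free_stack[NSLOTS], top;     /* LIFO free list of slot indexes */
static char disk[NBLOCKS][8];           /* stand-in for the on-disk blocks */

static void *toy_alloc(void) { return &slots[free_stack[--top]]; }
/* This toy free does not detect a second free of the same slot. */
static void toy_free(void *p) { free_stack[top++] = (int)((struct page *)p - slots); }

/* Writeback trusts the dirty flag; it knows nothing about the mount mode. */
static void writeback(const struct page *p) {
    if (p->dirty) memcpy(disk[p->block], p->data, 8);
}

/* Returns 1 if the block of the read-only filesystem changed on disk. */
int simulate(int double_free) {
    memset(slots, 0, sizeof slots);
    for (top = 0; top < NSLOTS; top++) free_stack[top] = NSLOTS - 1 - top;
    memset(disk, 0, sizeof disk);
    memcpy(disk[7], "GOODDATA", 8);

    void *tmp = toy_alloc();            /* read-only module's temporary buffer */
    toy_free(tmp);                      /* first, correct free */

    struct page *ro = toy_alloc();      /* slot reused: clean page of block 7 */
    memcpy(ro->data, disk[7], 8); ro->dirty = 0; ro->block = 7;

    if (double_free) toy_free(tmp);     /* the bug: slot freed while ro owns it */

    struct msg m = { "garbage", 1 };    /* third user asks for a "free" slot */
    memcpy(toy_alloc(), &m, sizeof m);  /* seq lands on ro->dirty if aliased */

    writeback(ro);                      /* page cache flushes its one page */
    return memcmp(disk[7], "GOODDATA", 8) != 0;
}

int main(void) {
    printf("no bug: %d, double free: %d\n", simulate(0), simulate(1));
    return 0;
}
```

The owner of the read-only page never writes to it in either run; only the allocator state differs.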




More information about the fedora-test-list mailing list