| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 27 Apr 2009 22:03:32 -0500
From: Eric Sandeen <sandeen@...hat.com>
To: Mingming Cao <cmm@...ibm.com>
CC: "Aneesh Kumar K.V" <aneesh.kumar@...ux.vnet.ibm.com>,
tytso@....edu, linux-ext4@...r.kernel.org
Subject: Re: [RFC PATCH] mark buffer_head mapping preallocate area as new
during write_begin with delayed allocation
Mingming Cao wrote:
> 在 2009-04-28二的 00:35 +0530,Aneesh Kumar K.V写道:
>> We need to mark the buffer_head mapping prealloc space
>> as new during write_begin. Otherwise we don't zero out the
>> page cache content properly for a partial write. This will
>> cause file corruption with preallocation.
>>
>
>> Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@...ux.vnet.ibm.com>
>>
>> ---
>> fs/ext4/inode.c | 2 ++
>> 1 files changed, 2 insertions(+), 0 deletions(-)
>>
>> diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c
>> index c6bd6ce..c7251ec 100644
>> --- a/fs/ext4/inode.c
>> +++ b/fs/ext4/inode.c
>> @@ -2323,6 +2323,8 @@ static int ext4_da_get_block_prep(struct inode *inode, sector_t iblock,
>> set_buffer_delay(bh_result);
>> } else if (ret > 0) {
>> bh_result->b_size = (ret << inode->i_blkbits);
>> + if (buffer_unwritten(bh_result))
>> + set_buffer_new(bh_result);
>> ret = 0;
>> }
>>
>
> Thanks Aneesh.
>
> Just to share with list, I have seen garbage content show up on a
> preallocated but later partially written blocks. This only happens with
> delayed allocation. The test simply preallocate 2blocks to a new file,
> then write a few bytes to the beginning of file(less than a block), and
> od shows the first block the written content followed by garbage filled
> to the end of the first block.
>
> After examing the code, we did set the buffer as new for nondelalloc, as
> the create flag passed to ext4_ext_get_blocks() is 1, while for delalloc
> case, ext4_get_blocks_prep() calling ext4_ext_get_block() with create
> =0, which leads to the code path that forget to set the bh as new if the
> block is preallocated.
>
> This patch is mostly correct except forget to set the bh_result->bdev,
> which caused the fs blow out.
Yep, I saw the oops too.
> The updated patch fixed the problem for me.
>
> Signed-off-by: Mingming Cao <cmm@...ibm.com>
>
> Index: linux-2.6.28-rc6/fs/ext4/inode.c
> ===================================================================
> --- linux-2.6.28-rc6.orig/fs/ext4/inode.c 2009-03-12 10:21:05.000000000 -0700
> +++ linux-2.6.28-rc6/fs/ext4/inode.c 2009-04-27 14:35:21.000000000 -0700
> @@ -2177,7 +2177,10 @@ static int ext4_da_get_block_prep(struct
> set_buffer_new(bh_result);
> set_buffer_delay(bh_result);
> } else if (ret > 0) {
> + if (buffer_unwritten(bh_result))
> + set_buffer_new(bh_result);
> bh_result->b_size = (ret << inode->i_blkbits);
> + bh_result->b_bdev = inode->i_sb->s_bdev;
> ret = 0;
> }
It may be just me, but I'd like to sort out why we now need to set
b_bdev here just because we set it as new, and it wasn't necessary
before...? If it's obvious I'm not yet seeing it :)
-Eric
--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists