lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 18 Apr 2014 18:01:38 +0200
From:	Lubos Uhliarik <uhliarik@...nam.cz>
To:	tytso@....edu
Cc:	linux-ext4@...r.kernel.org, lczerner@...hat.com,
	vojnar@....vutbr.cz
Subject: Re: [RFC][PATCH 0/1] ext4: Undelete Feature for Ext4

Hi Tytso,

I tried to do some power failure tests, but I was unable to simulate an
error, as you described.

I analysed code by myself, but I don't see any problem with starting a
new transaction in function ext4_ext_rm_leaf. If in this function new
transaction is created and system will crash in the middle of deleting
the file, eh_entries in extent_header will have correct value, so it
shouldn't cause any problem (eh_entries is decremented in the same
transaction, as zeroing out ex->len etc.). 

I hope, you will understand, what I want to say. 

If I'm wrong, please let me know.

Regards,

Lubos

tytso@....edu píše v Út 18. 03. 2014 v 13:14 -0400:
> On Tue, Mar 18, 2014 at 04:09:30PM +0100, Lubos Uhliarik wrote:
> > The main changes in patch are following:
> > 
> > a) commented out zeroing ex->ee_len, ee->start_hi and ee->start_lo,
> > because these entries are essential for undelete process
> 
> The reason why we have to zero out ex->ee_len, etc. is because the
> truncate operation can sometimes span multiple journal transactions.
> So as a result, we need to keep the file system consistent if we are
> interrupted (i.e., via a power fail event) while in the middle of a
> truncate operation.
> 
> It's a rare case, but it can happen if the journal is almost full at
> the time when the truncate eoperation has started, such that there is
> no room for to exntend the transaction handle, and so we are forced to
> start a new transaction (and possibly wait for a journal checkpoint
> operation).
> 
> In theory, it would be possible to figure out in advance whether or
> not we could fit the truncate in a single transaction, but it would
> require making the truncate operation be a two-pass operation --- once
> to determine how many blocks needs to be modified, and once to
> actually do the truncate operation.
> 
> > This patch shouldn't break ext4, I tested it with xfs_tests and tests 
> > were successfull.
> 
> I'm guessing you didn't do power fail testing --- and this is very
> important when messing with the design truncate/unlink code path.
> 
> Regards,
> 
> 						- Ted


--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists