lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 7 Sep 2010 17:17:24 -0400
From:	Mike Snitzer <snitzer@...hat.com>
To:	Milan Broz <mbroz@...hat.com>
Cc:	device-mapper development <dm-devel@...hat.com>,
	Tejun Heo <tj@...nel.org>, jaxboe@...ionio.com,
	linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org,
	linux-scsi@...r.kernel.org, linux-ide@...r.kernel.org,
	linux-raid@...r.kernel.org, hch@....de,
	konishi.ryusuke@....ntt.co.jp, James.Bottomley@...e.de,
	tytso@....edu, chris.mason@...cle.com, swhiteho@...hat.com,
	vst@...b.net, jack@...e.cz, rwheeler@...hat.com, hare@...e.de,
	neilb@...e.de, rusty@...tcorp.com.au, mst@...hat.com,
	k-ueda@...jp.nec.com, mpatocka@...hat.com
Subject: Re: [PATCH 23/41] dm: implement REQ_FLUSH/FUA support for bio-based
 dm

On Mon, Sep 06 2010 at  7:14am -0400,
Milan Broz <mbroz@...hat.com> wrote:

> On 09/03/2010 12:29 PM, Tejun Heo wrote:
> 
> > +++ b/drivers/md/dm-crypt.c
> > @@ -1278,7 +1278,7 @@ static int crypt_map(struct dm_target *ti, struct bio *bio,
> >  	struct dm_crypt_io *io;
> >  	struct crypt_config *cc;
> >  
> > -	if (unlikely(bio_empty_barrier(bio))) {
> > +	if (bio->bi_rw & REQ_FLUSH) {
> >  		cc = ti->private;
> >  		bio->bi_bdev = cc->dev->bdev;
> >  		return DM_MAPIO_REMAPPED;
> 
> ...
> 
> > +++ b/drivers/md/dm.c
> > @@ -1400,14 +1391,22 @@ static void __split_and_process_bio(struct mapped_device *md, struct bio *bio)
> >  	ci.io->md = md;
> >  	spin_lock_init(&ci.io->endio_lock);
> >  	ci.sector = bio->bi_sector;
> > -	ci.sector_count = bio_sectors(bio);
> > -	if (unlikely(bio_empty_barrier(bio)))
> > +	if (!(bio->bi_rw & REQ_FLUSH))
> > +		ci.sector_count = bio_sectors(bio);
> > +	else {
> > +		/* all FLUSH bio's reaching here should be empty */
> > +		WARN_ON_ONCE(bio_has_data(bio));
> >  		ci.sector_count = 1;
> > +	}
> 
> 
> I would add BUG_ON(bio_has_data(bio)) either to dm-crypt target or directly to DM core
> in this path.

I agree, that WARN_ON_ONCE should be changed to BUG_ON.  This is a
guarantee that the block layer now provides so it seems correct to have
the DM core bug if that guarantee isn't actually provided.
 
> Note that empty barrier request bypass encryption layer now in dm-crypt, so if some bio
> with data payload reach it after the change, it causes data corruption
> (moreover plain data reach the disk directly).

Given the consequences, it wouldn't hurt to BUG_ON() in dm-crypt too.
It's redundant if the DM core will also BUG_ON() but it serves as a
dm-crypt safety-net/documentation.

Mike
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ