lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Fri, 15 Apr 2011 03:54:05 +0200
From:	Amir Goldstein <amir73il@...il.com>
To:	Theodore Tso <tytso@....edu>
Cc:	Ext4 Developers List <linux-ext4@...r.kernel.org>
Subject: Re: [RFC] exclude_bitmap and uninit_bg features

On Wed, Apr 13, 2011 at 9:03 PM, Amir Goldstein <amir73il@...il.com> wrote:
> Hi Ted,
>
> I have been exploring the possibility to make exclude bitmap a compat feature
> and I think I have come to a dead end with ext4_init_block_bitmap().
>
> On old kernels, this function will disregard the exclude bitmap block and leave
> it free in the block bitmap.
>
> So that leaves us with the less attractive option to make it rocompat,
> which leads to the following dilemma:
> Once exclude bitmap is allocated by new mkfs or added by new tune2fs,
> the fs can no longer be mounted by an older kernel.
> How can we solve that problem?
>
> We could use 2 features:
> EXT4_FEATURE_COMPAT_EXCLUDE_BITMAP /* exclude bitmap is allocated */
> EXT4_FEATURE_RO_COMPAT_UNINIT_EXCLUDE /* uninit_bg and exclude_bitmap are set */

I am being silly.
There is no need for the helper uninit_exclude rocompat feature,
because I already
have the rocomat has_snapshot feature, so I can init all bitmaps when
removing it,
to keep the exclude bitmap protected.

>
> New mkfs can allocate exclude bitmaps for uninit groups and set the 2
> features by default.
> tune2fs -O ^uninit_exclude can init all groups and remove the rocompat feature,
> making the fs available for old kernels, while keeping the exclude
> bitmap intact.
>
> Does that make sense to you?
>

So I have a new, yet simpler, deployment strategy.
For the next release of e2fsprogs:
- mke2fs -o has_snapshot will explicitly allocate exclude bitmap and big journal
- setting/clearing of exclude_bitmap/has_snapshot features by tune2fs
will not be allowed

ext4 with has_snapshot feature will be mountable read-write by new
kernels with the
CONFIG_EXT4_FS_SNAPSHOT config option enabled and will be mountable
read-only by old kernels and when config option is disabled.

This avoid all backward compatibility issues and will assure that no one tries
to enable an experimental feature on his root fs.

This also reduces the e2fsprogs patches to tune2fs.

For a future release of e2fsprogs:
- setting the exclude_bitmap/has_snapshot features by tune2fs will be allowed
- clearing the exclude_bitmap feature will not be allowed
- clearing the has_snapshot feature will init all block bitmaps,
uninit all exclude bitmaps and discard all snapshots

Please approve my plan and I will carry on to submit the reduced set
of e2fsporgs patches.

Thanks,
Amir.
--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists