lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <1399583486.8729.42.camel@zerobox.home>
Date:	Thu, 08 May 2014 23:11:26 +0200
From:	Lubos Uhliarik <uhliarik@...nam.cz>
To:	tytso@....edu
Cc:	linux-ext4@...r.kernel.org, lczerner@...hat.com,
	vojnar@....vutbr.cz
Subject: Re: [RFC][PATCH 0/1] ext4: Undelete Feature for Ext4

Hi Tytso

I'm trying to respond on your email ones again - more in detail.

tytso@....edu wrote:
> On Tue, Mar 18, 2014 at 04:09:30PM +0100, Lubos Uhliarik wrote:
> > The main changes in patch are following:
> > 
> > a) commented out zeroing ex->ee_len, ee->start_hi and ee->start_lo,
> > because these entries are essential for undelete process
> 
> The reason why we have to zero out ex->ee_len, etc. is because the
> truncate operation can sometimes span multiple journal transactions.
> So as a result, we need to keep the file system consistent if we are
> interrupted (i.e., via a power fail event) while in the middle of a
> truncate operation.
> 
> It's a rare case, but it can happen if the journal is almost full at
> the time when the truncate eoperation has started, such that there is
> no room for to exntend the transaction handle, and so we are forced to
> start a new transaction (and possibly wait for a journal checkpoint
> operation).

Yes, as I noticed in the function ext4_ext_rm_leaf in /fs/ext4/extents.c
file, there is a call of the function ext4_ext_truncate_extend_restart,
which can cause, that unlink operation will be devided into multiple
journal operations.

But, there should NOT be any problem with file system consistency in my
opinion, because decremention value of eh->eh_entries is in the same
transaction, as the block of code which will keep ex->ee_len, etc.
entries. 

So, if a new transaction is started, in eh->eh_entries will be correct
value of extents, which are in a block. 

New value of eh->eh_entries after decreasing after one iteration (one
extent removal) is written to the disk together with change of block
bitmap.

Between lines 2698
if (num == 0)
	/* this extent is removed; mark slot entirely unused */
	ext4_ext_store_pblock(ex, 0);

and 2727 

le16_add_cpu(&eh->eh_entries, -1);

in file fs/ext4/extents.c is no function call, which can mark block
dirty. That kind of function (ext4_ext_dirty) is called at line 2731. 

> 
> In theory, it would be possible to figure out in advance whether or
> not we could fit the truncate in a single transaction, but it would
> require making the truncate operation be a two-pass operation --- once
> to determine how many blocks needs to be modified, and once to
> actually do the truncate operation.




> 
> > This patch shouldn't break ext4, I tested it with xfs_tests and tests 
> > were successfull.
> 
> I'm guessing you didn't do power fail testing --- and this is very
> important when messing with the design truncate/unlink code path.

I did power failure testing, but I was unable to divide undelete process
into more transactions. I created the ext4 with the smallest possible
journal, but it didn't help, even I was creating and deleting 20 very
fragmented files at one moment. I didn't get any file system error,
which couldn't be repaired by replaying the journal. Anyway, as I wrote
before, I checked the code and I didn't see any problem, why it should
cause file system inconsistency.

If you have any questions, please ask me and I will try to respond
immediately, because my profesor needs to know, if this patch can be
considered as a part of next kernel version. Thank you. 

> 
> Regards,
> 
> 						- Ted

Kind regards,
Lubos


--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ