Message-ID: <20140512014119.GI5480@thunk.org>
Date: Sun, 11 May 2014 21:41:19 -0400
From: Theodore Ts'o <tytso@....edu>
To: "Darrick J. Wong" <darrick.wong@...cle.com>
Cc: Lukáš Czerner <lczerner@...hat.com>, linux-ext4@...r.kernel.org
Subject: Re: [PATCH 06/37] debugfs: force logdump to display (old) journal contents

On Mon, May 05, 2014 at 05:24:53PM -0700, Darrick J. Wong wrote:
> I'll update the manpage. -c seems to hexdump the contents of any block that we
> find while iterating the journal. -b would seem to allow you to dump an
> arbitrary block #, but I could never get it to do that.

It's used to dump information _about_ an arbitrary block. Here's an
example of some of the cool things you can do with logdump:

<tytso@...sure> {/usr/projects/e2fsprogs/e2fsprogs} (next)
1742% gunzip < tests/f_jnl_32bit/image.gz > /tmp/image
<tytso@...sure> {/usr/projects/e2fsprogs/e2fsprogs} (next)
1743% debugfs /tmp/image
debugfs 1.42.9 (4-Feb-2014)
debugfs: logdump -b 680
Journal starts at block 1, transaction 2
FS block 66 logged at sequence 3, journal block 8 (flags 0x2)
    (block bitmap for block 680: block is SET)
FS block 680 logged at sequence 3, journal block 205 (flags 0x2)
FS block 66 logged at sequence 4, journal block 231 (flags 0x2)
    (block bitmap for block 680: block is SET)
FS block 680 logged at sequence 4, journal block 234 (flags 0x2)
FS block 66 logged at sequence 5, journal block 339 (flags 0x2)
    (block bitmap for block 680: block is SET)
FS block 680 logged at sequence 5, journal block 450 (flags 0x2)
No magic number at block 464: end of journal.
debugfs: icheck 680
Block Inode number
680 2132
debugfs: logdump -i <2132>
Inode 2132 is at group 1, block 364, offset 384
Journal starts at block 1, transaction 2
FS block 364 logged at sequence 3, journal block 197 (flags 0x2)
    (inode block for inode 2132):
    Inode: 2132 Type: directory Mode: 0755 Flags: 0x80000
    Generation: 3167953082 Version: 0x00000008
    User: 0 Group: 0 Size: 1024
    File ACL: 0 Directory ACL: 0
    Links: 9 Blockcount: 2
    Fragment: Address: 0 Number: 0 Size: 0
    ctime: 0x4fa1639e -- Wed May 2 12:41:02 2012
    atime: 0x4fa1639e -- Wed May 2 12:41:02 2012
    mtime: 0x4fa1639e -- Wed May 2 12:41:02 2012
    Blocks:
    (0+1): 127754 (1+1): 4 (5+1): 680
FS block 364 logged at sequence 4, journal block 233 (flags 0x2)
    (inode block for inode 2132):
    Inode: 2132 Type: directory Mode: 0755 Flags: 0x80000
    Generation: 3167953082 Version: 0x0000000c
    User: 0 Group: 0 Size: 1024
    File ACL: 0 Directory ACL: 0
    Links: 13 Blockcount: 2
    Fragment: Address: 0 Number: 0 Size: 0
    ctime: 0x4fa1639e -- Wed May 2 12:41:02 2012
    atime: 0x4fa1639e -- Wed May 2 12:41:02 2012
    mtime: 0x4fa1639e -- Wed May 2 12:41:02 2012
    Blocks:
    (0+1): 127754 (1+1): 4 (5+1): 680
FS block 364 logged at sequence 5, journal block 434 (flags 0x2)
    (inode block for inode 2132):
    Inode: 2132 Type: directory Mode: 0755 Flags: 0x80000
    Generation: 3167953082 Version: 0x00000015
    User: 0 Group: 0 Size: 1024
    File ACL: 0 Directory ACL: 0
    Links: 4 Blockcount: 2
    Fragment: Address: 0 Number: 0 Size: 0
    ctime: 0x4fa163a7 -- Wed May 2 12:41:11 2012
    atime: 0x4fa163a7 -- Wed May 2 12:41:11 2012
    mtime: 0x4fa163a7 -- Wed May 2 12:41:11 2012
    Blocks:
    (0+1): 127754 (1+1): 4 (5+1): 680
No magic number at block 464: end of journal.
debugfs: quit

The idea is that this can be useful when debugging a potentially
corrupted journal, or for advanced file system recovery.

Note that logdump -c is most useful in combination with -b, for
example: "logdump -b 680 -c".

- Ted
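
An added example, not part of the original message and not e2fsprogs code: a small Python parser for `logdump -i` output like the session above, reporting which inode fields changed between successive journaled copies of the inode block. The sample input is abridged from the output quoted in the message, and the function names are hypothetical.

```python
import re

# Constructed sample: the `logdump -i <2132>` output quoted in the message,
# abridged to the lines parsed here; the line breaks are an assumption.
SAMPLE = """\
FS block 364 logged at sequence 3, journal block 197 (flags 0x2)
Generation: 3167953082 Version: 0x00000008
Links: 9 Blockcount: 2
ctime: 0x4fa1639e -- Wed May 2 12:41:02 2012
FS block 364 logged at sequence 4, journal block 233 (flags 0x2)
Generation: 3167953082 Version: 0x0000000c
Links: 13 Blockcount: 2
ctime: 0x4fa1639e -- Wed May 2 12:41:02 2012
FS block 364 logged at sequence 5, journal block 434 (flags 0x2)
Generation: 3167953082 Version: 0x00000015
Links: 4 Blockcount: 2
ctime: 0x4fa163a7 -- Wed May 2 12:41:11 2012
No magic number at block 464: end of journal.
"""

LOGGED = re.compile(r"FS block (\d+) logged at sequence (\d+), journal block (\d+)")
TRACKED = ("Version", "Links", "ctime")  # inode fields compared across copies
FIELD = re.compile(r"\b(%s): (0x[0-9a-fA-F]+|\d+)" % "|".join(TRACKED))

def parse_inode_history(text):
    """Return one dict per journal copy of the inode block, in log order."""
    history = []
    for line in text.splitlines():
        m = LOGGED.search(line)
        if m:
            keys = ("fs_block", "sequence", "journal_block")
            history.append(dict(zip(keys, map(int, m.groups()))))
        for f in FIELD.finditer(line):
            if history:  # ignore fields seen before the first logged copy
                history[-1][f[1]] = int(f[2], 0)  # decimal or 0x-prefixed hex
    return history

def field_changes(history):
    """List (sequence, field, old, new) where a copy differs from the previous one."""
    changes = []
    for prev, cur in zip(history, history[1:]):
        for name in TRACKED:
            if prev.get(name) != cur.get(name):
                changes.append((cur["sequence"], name, prev.get(name), cur.get(name)))
    return changes

if __name__ == "__main__":
    for seq, name, old, new in field_changes(parse_inode_history(SAMPLE)):
        print(f"sequence {seq}: {name} {old} -> {new}")
```

On this sample the link count goes 9, 13, 4 across sequences 3 to 5, and ctime changes only in sequence 5.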