lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 10 Aug 2015 05:44:49 +0000 (GMT)
From:	Daeho Jeong <daeho.jeong@...sung.com>
To:	"tytso@....edu" <tytso@....edu>,
	"linux-ext4@...r.kernel.org" <linux-ext4@...r.kernel.org>
Cc:	"daehojng@...il.com" <daehojng@...il.com>,
	정대호 <daeho.jeong@...sung.com>
Subject: [PATCH] ext4, jbd2: ensure entering into panic after recording an
 error in JBD2 superblock

If a EXT4 filesystem utilizes JBD2 journaling and an error occurs, the journaling
will be aborted first and the error number will be recorded into JBD2 superblock
and, finally, the system will enter into the panic state in "errors=panic" option.
But, in the rare case, this sequence is little twisted like the below figure and
it will happen that the system enters into panic state, which means the system
reset in mobile environment, before completion of recording an error in the
journal superblock. In this case, e2fsck cannot recognize that the filesystem
failure occured in the previous run and the corruption wouldn't be fixed.

Task A                                                 Task B
ext4_handle_error()
-> jbd2_journal_abort()
  -> __journal_abort_soft()
    -> __jbd2_journal_abort_hard()
    | -> journal->j_flags |= JBD2_ABORT;
    |                                                      __ext4_abort()
    |                                                      -> jbd2_journal_abort()
    |                                                      | -> __journal_abort_soft()
    |                                                      |   -> if (journal->j_flags & JBD2_ABORT)
    |                                                      |           return;
    |                                                      -> panic()
    -> jbd2_journal_update_sb_errno()

Tested-by: Hobin Woo <hobin.woo@...sung.com>
Signed-off-by: Daeho Jeong <daeho.jeong@...sung.com>
Signed-off-by: Youngjin Gil <youngjin.gil@...sung.com>
---
 fs/jbd2/journal.c |    4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/fs/jbd2/journal.c b/fs/jbd2/journal.c
index b96bd80..b265fd8 100644
--- a/fs/jbd2/journal.c
+++ b/fs/jbd2/journal.c
@@ -2051,10 +2051,10 @@ static void __journal_abort_soft (journal_t *journal, int errno)
        if (!journal->j_errno)
                journal->j_errno = errno;

-       __jbd2_journal_abort_hard(journal);
-
        if (errno)
                jbd2_journal_update_sb_errno(journal);
+
+       __jbd2_journal_abort_hard(journal);
 }

 /**

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ