lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20190116213423.GA20263@Z926fQmE5jqhFMgp6>
Date:   Wed, 16 Jan 2019 22:34:23 +0100
From:   Etienne Buira <etienne.buira@...e.fr>
To:     linux-ext4@...r.kernel.org
Subject: ext4fs block role, debugfs testb and icheck mismatch

Hi all,

For the background: i've hit defect sectors (on part of md array), and i
want to rewrite those sectors to force hdd reallocation, so i need to
figure out what they are used for.

Unrolling the layers under fs, i'm interested in a 4K blocks range that
starts at 2035, here starts the trouble:
debugfs 1.43.9 (8-Feb-2018)
debugfs:  testb 2035
Block 2035 marked in use
debugfs:  icheck 2035
Block   Inode number
2035    <block not found>

>From this result, i tried to figure out if this block were used for fs
internal structures.
Using dumpe2fs, i see that this block belongs to group 0, and falls
beyond fs structures (last block for inode table is reported as 1568).
Block 2035 is not reported as free blocks.

Running forced (fs was marked clean) RO check with e2fsck (on mounted
filesystem) did not report block 2035 in block bitmap differences.

Oh, and yes, unmounting the filesystem would be a costy operation, so
better if avoided (that's why i ran e2fsck RO, and only looked for
results about the block of interest).

So, how can i know how this (these, actually) block is used?

Regards.

PS: I'm not subscribed to the list, so please CC me.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ