lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 13 Jan 2020 14:29:51 -0500 From: "Theodore Y. Ts'o" <tytso@....edu> To: Eric Biggers <ebiggers@...nel.org> Cc: linux-ext4@...r.kernel.org, linux-fscrypt@...r.kernel.org Subject: Re: [PATCH] ext4: allow ZERO_RANGE on encrypted files On Thu, Dec 26, 2019 at 09:42:16AM -0600, Eric Biggers wrote: > From: Eric Biggers <ebiggers@...gle.com> > > When ext4 encryption support was first added, ZERO_RANGE was disallowed, > supposedly because test failures (e.g. ext4/001) were seen when enabling > it, and at the time there wasn't enough time/interest to debug it. > > However, there's actually no reason why ZERO_RANGE can't work on > encrypted files. And it fact it *does* work now. Whole blocks in the > zeroed range are converted to unwritten extents, as usual; encryption > makes no difference for that part. Partial blocks are zeroed in the > pagecache and then ->writepages() encrypts those blocks as usual. > ext4_block_zero_page_range() handles reading and decrypting the block if > needed before actually doing the pagecache write. > > Also, f2fs has always supported ZERO_RANGE on encrypted files. > > As far as I can tell, the reason that ext4/001 was failing in v4.1 was > actually because of one of the bugs fixed by commit 36086d43f657 ("ext4 > crypto: fix bugs in ext4_encrypted_zeroout()"). The bug made > ext4_encrypted_zeroout() always return a positive value, which caused > unwritten extents in encrypted files to sometimes not be marked as > initialized after being written to. This bug was not actually in > ZERO_RANGE; it just happened to trigger during the extents manipulation > done in ext4/001 (and probably other tests too). > > So, let's enable ZERO_RANGE on encrypted files on ext4. > > Tested with: > gce-xfstests -c ext4/encrypt -g auto > gce-xfstests -c ext4/encrypt_1k -g auto > > Got the same set of test failures both with and without this patch. > But with this patch 6 fewer tests are skipped: ext4/001, generic/008, > generic/009, generic/033, generic/096, and generic/511. > > Signed-off-by: Eric Biggers <ebiggers@...gle.com> Thanks, applied. - Ted
Powered by blists - more mailing lists