| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <bug-207729-13602-9qz1oojuSh@https.bugzilla.kernel.org/> Date: Tue, 28 Jul 2020 08:32:32 +0000 From: bugzilla-daemon@...zilla.kernel.org To: linux-ext4@...r.kernel.org Subject: [Bug 207729] Mounting EXT4 with data_err=abort does not abort journal on data block write failure https://bugzilla.kernel.org/show_bug.cgi?id=207729 --- Comment #4 from Jan Kara (jack@...e.cz) --- Thanks for the reproducer! Good spotting! This is indeed broken. The problem is that the write to the second file block happens, data is written to page cache. Then fsync(2) happens. It starts writeback of the second file block - allocates block, extends file size, submits write of the second file block, and waits for this write to complete. Because the write fails with EIO, waiting for the write to complete returns EIO which then bubbles up to userspace. But this also "consumes" the IO error and so the journalling layer which commits transaction later does not know there was IO error before and so it happily commits the transaction. As I've verified, this scenario indeed leads to stale data exposure that data_err=abort mount option is meant to prevent. I have to think how to fix this properly... -- You are receiving this mail because: You are watching the assignee of the bug.
Powered by blists - more mailing lists