lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Wed, 16 Jun 2021 13:56:30 -0600
From:   Andreas Dilger <adilger@...ger.ca>
To:     Jan Kara <jack@...e.cz>
Cc:     Ted Tso <tytso@....edu>, linux-ext4@...r.kernel.org
Subject: Re: [PATCH 1/4] ext4: Support for checksumming from journal triggers

On Jun 16, 2021, at 4:56 AM, Jan Kara <jack@...e.cz> wrote:
> 
> JBD2 layer support triggers which are called when journaling layer moves
> buffer to a certain state. We can use the frozen trigger, which gets
> called when buffer data is frozen and about to be written out to the
> journal, to compute block checksums for some buffer types (similarly as
> does ocfs2). This avoids unnecessary repeated recomputation of the
> checksum (at the cost of larger window where memory corruption won't be
> caught by checksumming) and is even necessary when there are
> unsynchronized updaters of the checksummed data.
> 
> So add argument to ext4_journal_get_write_access() and
> ext4_journal_get_create_access() which describes buffer type so that
> triggers can be set accordingly. This patch is mostly only a change of
> prototype of the above mentioned functions and a few small helpers. Real
> checksumming will come later.
> 
> Signed-off-by: Jan Kara <jack@...e.cz>
> ---

Comment inline.

> 
> diff --git a/fs/ext4/ext4_jbd2.c b/fs/ext4/ext4_jbd2.c
> index be799040a415..f601e24b6015 100644
> --- a/fs/ext4/ext4_jbd2.c
> +++ b/fs/ext4/ext4_jbd2.c
> @@ -229,11 +231,18 @@ int __ext4_journal_get_write_access(const char *where, unsigned int line,
> 
> 	if (ext4_handle_valid(handle)) {
> 		err = jbd2_journal_get_write_access(handle, bh);
> -		if (err)
> +		if (err) {
> 			ext4_journal_abort_handle(where, line, __func__, bh,
> 						  handle, err);
> +			return err;
> +		}
> 	}
> -	return err;
> +	if (trigger_type == EXT4_JTR_NONE || !ext4_has_metadata_csum(sb))
> +		return 0;
> +	WARN_ON_ONCE(trigger_type >= EXT4_JOURNAL_TRIGGER_COUNT);

I'm not sure WARN_ON_ONCE() is enough here.  This would essentially result
in executing a random (or maybe NULL) function pointer later on.  Either
trigger_type should be checked early and return an error, or this should
be a BUG_ON() so that the crash happens here instead of in jbd context.

> +	jbd2_journal_set_triggers(bh,
> +		&EXT4_SB(sb)->s_journal_triggers[trigger_type].tr_triggers);
> +	return 0;
> }
> 
> /*
> @@ -304,17 +313,27 @@ int __ext4_forget(const char *where, unsigned int line,
> int __ext4_journal_get_create_access(const char *where, unsigned int line,
> -				handle_t *handle, struct buffer_head *bh)
> +				handle_t *handle, struct super_block *sb,
> +				struct buffer_head *bh,
> +				enum ext4_journal_trigger_type trigger_type)
> {
> -	int err = 0;
> +	int err;
> 
> -	if (ext4_handle_valid(handle)) {
> -		err = jbd2_journal_get_create_access(handle, bh);
> -		if (err)
> -			ext4_journal_abort_handle(where, line, __func__,
> -						  bh, handle, err);
> +	if (!ext4_handle_valid(handle))
> +		return 0;
> +
> +	err = jbd2_journal_get_create_access(handle, bh);
> +	if (err) {
> +		ext4_journal_abort_handle(where, line, __func__, bh, handle,
> +					  err);
> +		return err;
> 	}
> -	return err;
> +	if (trigger_type == EXT4_JTR_NONE || !ext4_has_metadata_csum(sb))
> +		return 0;
> +	WARN_ON_ONCE(trigger_type >= EXT4_JOURNAL_TRIGGER_COUNT);

Same.

> +	jbd2_journal_set_triggers(bh,
> +		&EXT4_SB(sb)->s_journal_triggers[trigger_type].tr_triggers);
> +	return 0;
> }


Cheers, Andreas






Download attachment "signature.asc" of type "application/pgp-signature" (874 bytes)

Powered by blists - more mailing lists