lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <YriHH5lLBRABuZyC@magnolia>
Date:   Sun, 26 Jun 2022 09:19:43 -0700
From:   "Darrick J. Wong" <djwong@...nel.org>
To:     Zorro Lang <zlang@...hat.com>
Cc:     Jeremy Bongio <bongiojp@...il.com>, Ted Tso <tytso@....edu>,
        fstests@...r.kernel.org, linux-ext4@...r.kernel.org
Subject: Re: [PATCH] ext4/056: add a check to make sure ext4 uuid ioctls
 get/set during fsstress.

On Sun, Jun 26, 2022 at 12:43:56PM +0800, Zorro Lang wrote:
> On Sat, Jun 25, 2022 at 01:53:21AM -0700, Jeremy Bongio wrote:
> > Adds a utility to get/set uuid through ext4 ioctl. Executes the ioctls while
> > running fsstress. These ioctls are used by tune2fs to safely change the uuid
> > without racing other filesystem modifications.
> > 
> > Signed-off-by: Jeremy Bongio <bongiojp@...il.com>
> > ---
> 
> Hi Jeremy,
> 
> Thanks for the patch, some picky review points as below:
> 
> >  src/Makefile       |   4 +-
> >  src/global.h       |   2 +
> >  src/uuid_ioctl.c   | 106 +++++++++++++++++++++++++++++++++++++++++++++
> >  tests/ext4/056     |  59 +++++++++++++++++++++++++
> >  tests/ext4/056.out |   1 +
> >  5 files changed, 170 insertions(+), 2 deletions(-)
> >  create mode 100644 src/uuid_ioctl.c

New programs need a .gitignore entry.

> >  create mode 100755 tests/ext4/056
> >  create mode 100644 tests/ext4/056.out
> > 
> > diff --git a/src/Makefile b/src/Makefile
> > index 111ce1d9..e33e04de 100644
> > --- a/src/Makefile
> > +++ b/src/Makefile
> > @@ -31,14 +31,14 @@ LINUX_TARGETS = xfsctl bstat t_mtab getdevicesize preallo_rw_pattern_reader \
> >  	dio-invalidate-cache stat_test t_encrypted_d_revalidate \
> >  	attr_replace_test swapon mkswap t_attr_corruption t_open_tmpfiles \
> >  	fscrypt-crypt-util bulkstat_null_ocount splice-test chprojid_fail \
> > -	detached_mounts_propagation ext4_resize
> > +	detached_mounts_propagation ext4_resize uuid_ioctl
> >  
> >  EXTRA_EXECS = dmerror fill2attr fill2fs fill2fs_check scaleread.sh \
> >  	      btrfs_crc32c_forged_name.py
> >  
> >  SUBDIRS = log-writes perf
> >  
> > -LLDLIBS = $(LIBHANDLE) $(LIBACL) -lpthread -lrt
> > +LLDLIBS = $(LIBHANDLE) $(LIBACL) -lpthread -lrt -luuid
> >  
> >  ifeq ($(HAVE_XLOG_ASSIGN_LSN), true)
> >  LINUX_TARGETS += loggen
> > diff --git a/src/global.h b/src/global.h
> > index b4407099..747d95f8 100644
> > --- a/src/global.h
> > +++ b/src/global.h
> > @@ -184,4 +184,6 @@ roundup_64(unsigned long long x, unsigned int y)
> >  	return rounddown_64(x + y - 1, y);
> >  }
> >  
> > +#define BUILD_BUG_ON(condition) ((void)sizeof(char[1 - 2*!!(condition)]))
> > +
> >  #endif /* GLOBAL_H */
> > diff --git a/src/uuid_ioctl.c b/src/uuid_ioctl.c
> > new file mode 100644
> > index 00000000..51480689
> > --- /dev/null
> > +++ b/src/uuid_ioctl.c
> > @@ -0,0 +1,106 @@
> > +// SPDX-License-Identifier: GPL-2.0
> > +
> > +/*
> > + * Test program which uses the raw ext4 set_fsuuid ioctl directly.
> > + * SYNOPSIS:
> > + *   $0 COMMAND MOUNT_POINT [UUID]
> > + *
> > + * COMMAND must be either "get" or "set".
> > + * The UUID must be a 16 octet represented as 32 hexadecimal digits in canonical
> > + * textual representation, e.g. output from `uuidgen`.
> > + *
> > + */
> > +
> > +#include <stdio.h>
> > +#include <fcntl.h>
> > +#include <errno.h>
> > +#include <unistd.h>
> > +#include <stdint.h>
> > +#include <stdlib.h>
> > +#include <string.h>
> > +#include <sys/ioctl.h>
> > +#include <uuid/uuid.h>
> > +#include <linux/fs.h>
> > +#include "global.h"
> > +
> > +struct fsuuid {
> > +        size_t len;
> > +        __u8 *b;
> > +};
> > +
> > +#ifndef EXT4_IOC_GETFSUUID
> > +#define EXT4_IOC_GETFSUUID      _IOR('f', 44, struct fsuuid)
> > +#endif
> > +
> > +#ifndef EXT4_IOC_SETFSUUID
> > +#define EXT4_IOC_SETFSUUID      _IOW('f', 45, struct fsuuid)
> > +#endif
> > +
> > +int main(int argc, char **argv)
> > +{
> > +	int	error, fd;
> > +        struct fsuuid fsuuid;
>         ^
> 
> Bad indent at here, please check the indent of this program.
> 
> > +
> > +	if (argc < 3) {
> > +		fprintf(stderr, "Invalid arguments\n");
> > +		return 1;
> > +	}
> > +
> > +	fd = open(argv[2], O_RDONLY);
> > +	if (!fd) {
> > +		perror(argv[2]);
> > +		return 1;
> > +	}
> > +
> > +	BUILD_BUG_ON(sizeof(uuid_t) % 16);

I'm not sure why we care that the size is a multiple of 16?

> > +	fsuuid.len = 16;

fsuuid.len = sizeof(uuid_t) ?

> > +	fsuuid.b = calloc(fsuuid.len, sizeof(__u8));
> > +
> > +	if (strcmp(argv[1], "get") == 0) {
> > +		uuid_t uuid;
> > +		char uuid_str[37];
> > +
> > +		if (ioctl(fd, EXT4_IOC_GETFSUUID, &fsuuid)) {
> > +			close(fd);
> > +			fprintf(stderr, "%s while trying to get fs uuid\n",
> > +				strerror(errno));

If the close() fails it will obliterate the errno set by the ioctl.

	if (ioctl(...) == -1) {
		perror("GETFSUUID");
		close(fd);
		return 1;
	}

(Also, this is a test program; if you're merely going to exit, then
don't bother closing the fds.)

> > +			return 1;
> > +		}
> > +
> > +		memcpy(&uuid, fsuuid.b, sizeof(uuid));
> > +		uuid_unparse(uuid, uuid_str);
> > +		printf("%s", uuid_str);
> > +	} else if (strcmp(argv[1], "set") == 0) {
> > +		if (argc != 4) {
> > +			fprintf(stderr, "UUID argument missing.\n");
> > +			return 1;
> > +		}
> > +
> > +		if (strlen(argv[3]) != 36) {
> > +			fprintf(stderr, "Invalid UUID. The UUID should be in "
> > +				"canonical format. Example: "
> > +				"8c628557-6987-42b2-ba16-b7cc79ddfb43\n");

Won't uuid_parse catch an overly long string?

> > +			return 1;
> > +		}
> > +
> > +		uuid_t uuid;
> > +		error = uuid_parse(argv[3], uuid);
> > +		if (error < 0) {
> > +			fprintf(stderr, "%s: invalid UUID.\n", argv[0]);
> > +			return 1;
> > +		}
> > +
> > +		memcpy(fsuuid.b, uuid, sizeof(uuid));
> > +		if(ioctl(fd, EXT4_IOC_SETFSUUID, &fsuuid)) {

Space before the  ^ left paren.

> > +			close(fd);
> > +			fprintf(stderr, "%s while trying to set fs uuid\n",
> > +				strerror(errno));
> > +			return 1;
> > +		}
> > +	} else {
> > +		fprintf(stderr, "Invalid command\n");

No return 1 here?

> > +	}
> > +
> > +	close(fd);
> > +	return 0;
> > +}
> > diff --git a/tests/ext4/056 b/tests/ext4/056
> > new file mode 100755
> > index 00000000..46631d46
> > --- /dev/null
> > +++ b/tests/ext4/056
> > @@ -0,0 +1,59 @@
> > +#! /bin/bash
> > +# SPDX-License-Identifier: GPL-2.0
> > +# Copyright (c) 2000-2005 Silicon Graphics, Inc.  All Rights Reserved.

You work for SGI???

> > +#
> > +# Test the set/get UUID ioctl.
> > +#
> > +
> > +. ./common/preamble
> > +_begin_fstest auto ioctl resize
> 
> Why this case is "resize" related?
> 
> > +
> > +tmpfile="/tmp/$$."
> > +trap "rm -f $tmpfile; exit" 0 1 2 3 15
> 
> We have default "trap" when you source ./common/preamble. If you need a custom
> cleanup by youself, you can define a new one in this case (refer to other cases
> which has their own _cleanup).
> 
> > +
> > +# Import common functions.
> > +. ./common/filter
> > +
> > +# real QA test starts here
> > +_supported_fs ext4
> > +_require_scratch
> > +_require_test_program uuid_ioctl
> > +
> > +UUID_IOCTL=$here/src/uuid_ioctl
> > +
> > +# if the ioctl is not supported by the kernel, then skip test.
> > +current_uid=$($UUID_IOCTL get $SCRATCH_MNT)
> > +if [[ "$current_uid" = "Inappropriate ioctl for device while trying to set fs uuid" ]]; then

While trying to **set** fs uuid?  The command above retrieves it, right?

Also, didn't the test program print that error message to stderr?  Which
the $() backticks don't capture.

> > +  _notrun "UUID ioctls are not supported by kernel."
>    ^
> 
> It's not fault, but we recommended the tab width is 8, for fstests bash script.
> 
> > +fi
> > +
> > +# Create filesystem and mount
> > +_scratch_mkfs_ext4 -O metadata_csum_seed >> $seqres.full 2>&1
>                                             ^
> Generally we make sure $seqres.full is null (rm -f $seqres.full) or truncated
> at first. So an easier way is using "> $seqres.full" at the first place which
> trys to write $seqres.full, to clean .full file.

The preamble always does this, so the append is fine.

> > +_scratch_mount >> $seqres.full
> > +
> > +# Begin fsstress while modifying UUID
> > +fsstress_args=$(_scale_fsstress_args -d $SCRATCH_MNT -p 15 -n 999999)
> > +"$FSSTRESS_PROG" $fsstress_args > /dev/null &
> 
> Better to use "2>&1" if you don't want this case fails on some weird fsstress
> error output. Or ">>$seqres.full 2>&1" if you'd like to know what happened
> on fsstress.
> 
> Do I miss something? I didn't find any place try to make sure above fsstress
> process is killed/end (by using kill and wait).

Right -- the test should kill fsstress once it's done.

> > +
> > +test_uuid_ioctl()
> > +{
> > +  for n in $(seq 1 20); do
> > +    new_uuid=$(uuidgen)
> 
> I think uuidgen isn't a tool which is 100% installed on all linux system. So
> 
> _require_command $UUIDGEN_PROG uuidgen
> 
> > +
> > +    echo "Setting UUID to ${new_uuid}" >> $seqres.full 2>&1
> > +    $UUID_IOCTL set $SCRATCH_MNT $new_uuid >> $seqres.full 2>&1

Shouldn't unexpected errors be recorded in the golden output?

> > +
> > +    current_uuid=$($UUID_IOCTL get $SCRATCH_MNT)
> > +    echo "$UUID_IOCTL get $SCARTCH_MNT: $current_uuid" >> $seqres.full 2>&1
> > +    if [[ "$current_uuid" != "$new_uuid" ]]; then
> > +      echo "UUID does not equal what was sent with the ioctl"
> > +      exit
> 
> I think break is enough, but exit is fine too.

Why even break?  Let the test continue running and recording all the
failures it encounters, not just the first one.

--D

> 
> > +    fi
> > +  done
> > +}
> > +
> > +test_uuid_ioctl
> 
> I'm wondering why not run the code in test_uuid_ioctl directly. Looks like you
> just make them into a function, then run this function once. It doesn't use
> local variables, or be called many times, or have many complicated lines. Or
> you'd like to package the codes in "for n in $(seq 1 20)" loop?
> 
> > +
> > +# success, all done
> > +status=0
> > +exit
> > diff --git a/tests/ext4/056.out b/tests/ext4/056.out
> > new file mode 100644
> > index 00000000..06f52bb4
> > --- /dev/null
> > +++ b/tests/ext4/056.out
> > @@ -0,0 +1 @@
> > +QA output created by 056
> 
> Silence is golden ?
> 
> Thanks,
> Zorro
> 
> > -- 
> > 2.37.0.rc0.161.g10f37bed90-goog
> > 
> 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ