lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 19 Jul 2022 08:17:04 -0700
From:   "Darrick J. Wong" <djwong@...nel.org>
To:     Jeremy Bongio <bongiojp@...il.com>
Cc:     Ted Tso <tytso@....edu>, linux-ext4@...r.kernel.org
Subject: Re: [PATCH v2] Add support for get/set UUID ioctls.

> Subject: [PATCH v2] Add support for get/set UUID ioctls.

Quick tip: Many people explicitly tag these userspace patches with the
name of the tool in the subject line, e.g.

[PATCH v2] tune2fs: add support for get/set UUID ioctls.

On Mon, Jul 18, 2022 at 11:56:37PM -0700, Jeremy Bongio wrote:
> When mounted, there is a race condition between changing the filesystem
> UUID and changing other aspects of the filesystem, like mounting, resizing,
> changing features, etc. Using these ioctls to get/set the UUID ensures the
> filesystem is not being resized.
> 
> Signed-off-by: Jeremy Bongio <bongiojp@...il.com>
> ---
> 
> fu_* fields are now named fsu_*.
> 
> Removed EXT4_IOC_SETFSUUID_FLAG_BLOCKING flag.
> 
> fsu_flags is initialized to 0.
> 
>  misc/tune2fs.c | 104 ++++++++++++++++++++++++++++++++++++++++---------
>  1 file changed, 86 insertions(+), 18 deletions(-)
> 
> diff --git a/misc/tune2fs.c b/misc/tune2fs.c
> index 6c162ba5..39399d83 100644
> --- a/misc/tune2fs.c
> +++ b/misc/tune2fs.c
> @@ -82,11 +82,25 @@ extern int optind;
>  #define FS_IOC_GETFSLABEL	_IOR(0x94, 49, char[FSLABEL_MAX])
>  #endif
>  
> +struct fsuuid {
> +	__u32   fsu_len;
> +	__u32   fsu_flags;
> +	__u8    fsu_uuid[];
> +};
> +
> +#ifndef EXT4_IOC_GETFSUUID
> +#define EXT4_IOC_GETFSUUID	_IOR('f', 44, struct fsuuid)
> +#endif
> +
> +#ifndef EXT4_IOC_SETFSUUID
> +#define EXT4_IOC_SETFSUUID	_IOW('f', 44, struct fsuuid)
> +#endif
> +
>  extern int ask_yn(const char *string, int def);
>  
>  const char *program_name = "tune2fs";
>  char *device_name;
> -char *new_label, *new_last_mounted, *new_UUID;
> +char *new_label, *new_last_mounted, *requested_uuid;
>  char *io_options;
>  static int c_flag, C_flag, e_flag, f_flag, g_flag, i_flag, l_flag, L_flag;
>  static int m_flag, M_flag, Q_flag, r_flag, s_flag = -1, u_flag, U_flag, T_flag;
> @@ -2102,7 +2116,7 @@ static void parse_tune2fs_options(int argc, char **argv)
>  				open_flag = EXT2_FLAG_RW;
>  				break;
>  		case 'U':
> -			new_UUID = optarg;
> +			requested_uuid = optarg;
>  			U_flag = 1;
>  			open_flag = EXT2_FLAG_RW |
>  				EXT2_FLAG_JOURNAL_DEV_OK;
> @@ -3078,6 +3092,52 @@ int handle_fslabel(int setlabel) {
>  	return 0;
>  }
>  
> +/*
> + * Use EXT4_IOC_GETFSUUID/EXT4_IOC_SETFSUUID to get/set file system UUID.
> + * Return:	0 on success
> + *		1 on error
> + *		-1 when the old method should be used
> + */
> +int handle_fsuuid(__u8 *uuid, bool get)
> +{
> +	errcode_t ret;
> +	int mnt_flags, fd;
> +	char label[FSLABEL_MAX];
> +	int maxlen = FSLABEL_MAX - 1;
> +	char mntpt[PATH_MAX + 1];
> +	struct fsuuid *fsuuid = NULL;
> +
> +	fsuuid = malloc(sizeof(*fsuuid) + UUID_SIZE);
> +	if (!fsuuid)
> +		return -1;
> +
> +	memcpy(fsuuid->fsu_uuid, uuid, UUID_SIZE);
> +	fsuuid->fsu_len = UUID_SIZE;
> +	fsuuid->fsu_flags = 0;
> +
> +	ret = ext2fs_check_mount_point(device_name, &mnt_flags,
> +					  mntpt, sizeof(mntpt));
> +	if (ret || !(mnt_flags & EXT2_MF_MOUNTED) ||
> +		(!get && (mnt_flags & EXT2_MF_READONLY)) ||
> +		!mntpt[0])
> +		return -1;
> +
> +	fd = open(mntpt, O_RDONLY);
> +	if (fd < 0)
> +		return -1;
> +
> +	if (get) {
> +		if (ioctl(fd, EXT4_IOC_GETFSUUID, fsuuid))
> +			ret = -1;
> +	} else {
> +		if (ioctl(fd, EXT4_IOC_SETFSUUID, fsuuid))
> +			ret = -1;
> +	}
> +	close(fd);
> +	return ret;

ret is probably zero here, right?

That said, I don't think it's a great idea to go mixing errcode_t and
"the normal libc int return value" like that, since (a) that's type
confusion and (b)

return 0;

gets the point across with less effort.

> +}
> +
> +
>  #ifndef BUILD_AS_LIB
>  int main(int argc, char **argv)
>  #else
> @@ -3454,6 +3514,7 @@ _("Warning: The journal is dirty. You may wish to replay the journal like:\n\n"
>  		dgrp_t i;
>  		char buf[SUPERBLOCK_SIZE] __attribute__ ((aligned(8)));
>  		__u8 old_uuid[UUID_SIZE];
> +		uuid_t new_uuid;
>  
>  		if (ext2fs_has_feature_stable_inodes(fs->super)) {
>  			fputs(_("Cannot change the UUID of this filesystem "
> @@ -3507,25 +3568,34 @@ _("Warning: The journal is dirty. You may wish to replay the journal like:\n\n"
>  				set_csum = 1;
>  		}
>  
> -		memcpy(old_uuid, sb->s_uuid, UUID_SIZE);
> -		if ((strcasecmp(new_UUID, "null") == 0) ||
> -		    (strcasecmp(new_UUID, "clear") == 0)) {
> -			uuid_clear(sb->s_uuid);
> -		} else if (strcasecmp(new_UUID, "time") == 0) {
> -			uuid_generate_time(sb->s_uuid);
> -		} else if (strcasecmp(new_UUID, "random") == 0) {
> -			uuid_generate(sb->s_uuid);
> -		} else if (uuid_parse(new_UUID, sb->s_uuid)) {
> +		rc = handle_fsuuid(old_uuid, true);

Might also be helpful to readers to wrap handle_fsuuid with something
containing "get" and "set" in the name explicitly, e.g.

static inline int get_mounted_fsuuid(__u8 *old_uuid)
{
	return handle_fssuid(old_uuid, true);
}

I /think/ the rest looks plausible, but oof tune2fs is a bear to read.
My apologies for all the random cruft I've contributed over the years
(rewriting every inode on the filesystem to add checksums? seriously??)

--D

> +		if (rc == -1)
> +			memcpy(old_uuid, sb->s_uuid, UUID_SIZE);
> +
> +		if ((strcasecmp(requested_uuid, "null") == 0) ||
> +		    (strcasecmp(requested_uuid, "clear") == 0)) {
> +			uuid_clear(new_uuid);
> +		} else if (strcasecmp(requested_uuid, "time") == 0) {
> +			uuid_generate_time(new_uuid);
> +		} else if (strcasecmp(requested_uuid, "random") == 0) {
> +			uuid_generate(new_uuid);
> +		} else if (uuid_parse(requested_uuid, new_uuid)) {
>  			com_err(program_name, 0, "%s",
>  				_("Invalid UUID format\n"));
>  			rc = 1;
>  			goto closefs;
>  		}
> -		ext2fs_init_csum_seed(fs);
> -		if (set_csum) {
> -			for (i = 0; i < fs->group_desc_count; i++)
> -				ext2fs_group_desc_csum_set(fs, i);
> -			fs->flags &= ~EXT2_FLAG_SUPER_ONLY;
> +
> +		rc = handle_fsuuid(new_uuid, false);
> +		if (rc == -1) {
> +			memcpy(sb->s_uuid, new_uuid, UUID_SIZE);
> +			ext2fs_init_csum_seed(fs);
> +			if (set_csum) {
> +				for (i = 0; i < fs->group_desc_count; i++)
> +					ext2fs_group_desc_csum_set(fs, i);
> +				fs->flags &= ~EXT2_FLAG_SUPER_ONLY;
> +			}
> +			ext2fs_mark_super_dirty(fs);
>  		}
>  
>  		/* If this is a journal dev, we need to copy UUID into jsb */
> @@ -3549,8 +3619,6 @@ _("Warning: The journal is dirty. You may wish to replay the journal like:\n\n"
>  			if ((rc = fs_update_journal_user(sb, old_uuid)))
>  				goto closefs;
>  		}
> -
> -		ext2fs_mark_super_dirty(fs);
>  	}
>  
>  	if (I_flag) {
> -- 
> 2.37.0.170.g444d1eabd0-goog
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ