lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20230817195415.GE2247938@mit.edu>
Date:   Thu, 17 Aug 2023 15:54:15 -0400
From:   "Theodore Ts'o" <tytso@....edu>
To:     Wang Jianjian <wangjianjian0@...mail.com>
Cc:     linux-ext4@...r.kernel.org
Subject: Re: [PATCH] ext4: Free data blocks directly for ordered journal

On Sat, Jun 24, 2023 at 11:52:59PM +0800, Wang Jianjian wrote:
> ---
>  fs/ext4/mballoc.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/fs/ext4/mballoc.c b/fs/ext4/mballoc.c
> index 7b2e36d103cb..41fdc2f8c061 100644
> --- a/fs/ext4/mballoc.c
> +++ b/fs/ext4/mballoc.c
> @@ -6206,7 +6206,7 @@ static void ext4_mb_clear_bb(handle_t *handle, struct inode *inode,
>  	 * consistency guarantees.
>  	 */
>  	if (ext4_handle_valid(handle) &&
> -	    ((flags & EXT4_FREE_BLOCKS_METADATA) ||
> +	    ((ext4_should_order_data(inode) && (flags & EXT4_FREE_BLOCKS_METADATA)) ||
>  	     !ext4_should_writeback_data(inode))) {
>  		struct ext4_free_data *new_entry;
>  		/*

This is not a safe thing to do, so I have to reject this patch.  As
stated in the comment immediately above this code:

	/*
	 * We need to make sure we don't reuse the freed block until after the
	 * transaction is committed. We make an exception if the inode is to be
	 * written in writeback mode since writeback mode has weak data
	 * consistency guarantees.
	 */

In ordered mode, we *do* care that if a file is deleted, and then the
block gets reallocated and used for some new file --- and then we
crash before a transaction commits, then the not-actually-deleted file
would have its data blocks corrupted.

							- Ted

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ