lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <174786678781.1385354.18340518510462370135.stgit@frogsfrogsfrogs>
Date: Wed, 21 May 2025 15:46:25 -0700
From: "Darrick J. Wong" <djwong@...nel.org>
To: tytso@....edu
Cc: linux-ext4@...r.kernel.org
Subject: [PATCH 05/10] fuse2fs: make norecovery behavior consistent with the
 kernel

From: Darrick J. Wong <djwong@...nel.org>

Amazingly, norecovery/noload on the kernel ext4 driver allows a
read-write mount even for journalled filesystems.  The one case where
mounting fails is if there's a journal and it's dirty.  Make the fuse2fs
option behave the same as the kernel.

Found via ext4/271.

Signed-off-by: "Darrick J. Wong" <djwong@...nel.org>
---
 misc/fuse2fs.c |   27 ++++++++++++++++++++++++---
 1 file changed, 24 insertions(+), 3 deletions(-)


diff --git a/misc/fuse2fs.c b/misc/fuse2fs.c
index e1202fe6ce4a46..364d26a4e0e00e 100644
--- a/misc/fuse2fs.c
+++ b/misc/fuse2fs.c
@@ -692,13 +692,12 @@ static void close_fs(struct fuse2fs *ff)
 static errcode_t open_fs(struct fuse2fs *ff, int libext2_flags)
 {
 	char options[128];
-	int flags = EXT2_FLAG_64BITS | EXT2_FLAG_THREADS | libext2_flags;
+	int flags = EXT2_FLAG_64BITS | EXT2_FLAG_THREADS | EXT2_FLAG_RW |
+		    libext2_flags;
 	errcode_t err;
 
 	snprintf(options, sizeof(options) - 1, "offset=%lu", ff->offset);
 
-	if (!ff->norecovery)
-		flags |= EXT2_FLAG_RW;
 	if (ff->directio)
 		flags |= EXT2_FLAG_DIRECT_IO;
 
@@ -759,6 +758,22 @@ static errcode_t check_fs_supported(struct fuse2fs *ff)
 	return 0;
 }
 
+static int check_norecovery(struct fuse2fs *ff)
+{
+	if (ext2fs_has_feature_journal_needs_recovery(ff->fs->super) &&
+	    !ff->ro) {
+		log_printf(ff, "%s\n",
+ _("Required journal recovery suppressed and not mounted read-only."));
+		return 32;
+	}
+
+	/*
+	 * Amazingly, norecovery allows a rw mount when there's a clean journal
+	 * present.
+	 */
+	return 0;
+}
+
 static errcode_t mount_fs(struct fuse2fs *ff)
 {
 	ext2_filsys fs = ff->fs;
@@ -4702,6 +4717,12 @@ int main(int argc, char *argv[])
 	if (ext2fs_has_feature_shared_blocks(fctx.fs->super))
 		fctx.ro = 1;
 
+	if (fctx.norecovery) {
+		ret = check_norecovery(&fctx);
+		if (ret)
+			goto out;
+	}
+
 	err = mount_fs(&fctx);
 	if (err) {
 		ret = 32;


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ