lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 15 Jul 2020 14:16:56 +0800
From:   Chao Yu <yuchao0@...wei.com>
To:     Daeho Jeong <daeho43@...il.com>
CC:     Jaegeuk Kim <jaegeuk@...nel.org>,
        Daeho Jeong <daehojeong@...gle.com>, <kernel-team@...roid.com>,
        <linux-kernel@...r.kernel.org>,
        <linux-f2fs-devel@...ts.sourceforge.net>
Subject: Re: [f2fs-dev] [PATCH v2] f2fs: change the way of handling range.len
 in F2FS_IOC_SEC_TRIM_FILE

On 2020/7/15 12:06, Daeho Jeong wrote:
> We could use fscrypt_zeroout_range() for an encrypted file.
> But, one problem is fscrypt_zeroout_range() assumes that filesystems
> only use a single block device.
> It means it doesn't receive bdev as a parameter.
> How about changing the interface of fscrypt_zeroout_range() first and using it?

Yes, please limited to use fscrypt_zeroout_range() on non-multidevice f2fs image
first, we can add a condition to check that in the beginning of ioctl interface,
once fscrypt_zeroout_range() accepts bdev as parameter, we can remove that limitation.

Thanks,

> 
> 2020년 7월 14일 (화) 오후 9:36, Chao Yu <yuchao0@...wei.com>님이 작성:
>>
>> On 2020/7/14 2:11, Jaegeuk Kim wrote:
>>> Hi Daeho,
>>>
>>> Please take a look at this.
>>>
>>> https://git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs.git/commit/?h=dev&id=35245180459aebf6d70fde88a538f0400a794aa6
>>
>> I'm curious about what will happen if we call
>> sec_trim_file(F2FS_TRIM_FILE_ZEROOUT) on an encrypted file, will
>> it use zero bits covering encrypted data on disk?
>>
>> Thanks,
>>
>>>
>>> Thanks,
>>>
>>> On 07/13, Daeho Jeong wrote:
>>>> From: Daeho Jeong <daehojeong@...gle.com>
>>>>
>>>> Changed the way of handling range.len of F2FS_IOC_SEC_TRIM_FILE.
>>>>  1. Added -1 value support for range.len to secure trim the whole blocks
>>>>     starting from range.start regardless of i_size.
>>>>  2. If the end of the range passes over the end of file, it means until
>>>>     the end of file (i_size).
>>>>  3. ignored the case of that range.len is zero to prevent the function
>>>>     from making end_addr zero and triggering different behaviour of
>>>>     the function.
>>>>
>>>> Signed-off-by: Daeho Jeong <daehojeong@...gle.com>
>>>> ---
>>>> Changes in v2:
>>>>  - Changed -1 range.len option to mean the whole blocks starting from
>>>>    range.start regardless of i_size
>>>> ---
>>>>  fs/f2fs/file.c | 23 ++++++++++++-----------
>>>>  1 file changed, 12 insertions(+), 11 deletions(-)
>>>>
>>>> diff --git a/fs/f2fs/file.c b/fs/f2fs/file.c
>>>> index 368c80f8e2a1..2485841e3b2d 100644
>>>> --- a/fs/f2fs/file.c
>>>> +++ b/fs/f2fs/file.c
>>>> @@ -3792,7 +3792,7 @@ static int f2fs_sec_trim_file(struct file *filp, unsigned long arg)
>>>>      pgoff_t index, pg_end;
>>>>      block_t prev_block = 0, len = 0;
>>>>      loff_t end_addr;
>>>> -    bool to_end;
>>>> +    bool to_end = false;
>>>>      int ret = 0;
>>>>
>>>>      if (!(filp->f_mode & FMODE_WRITE))
>>>> @@ -3813,23 +3813,23 @@ static int f2fs_sec_trim_file(struct file *filp, unsigned long arg)
>>>>      file_start_write(filp);
>>>>      inode_lock(inode);
>>>>
>>>> -    if (f2fs_is_atomic_file(inode) || f2fs_compressed_file(inode)) {
>>>> +    if (f2fs_is_atomic_file(inode) || f2fs_compressed_file(inode) ||
>>>> +                    range.start >= inode->i_size) {
>>>>              ret = -EINVAL;
>>>>              goto err;
>>>>      }
>>>>
>>>> -    if (range.start >= inode->i_size) {
>>>> -            ret = -EINVAL;
>>>> +    if (range.len == 0)
>>>>              goto err;
>>>> -    }
>>>>
>>>> -    if (inode->i_size - range.start < range.len) {
>>>> -            ret = -E2BIG;
>>>> -            goto err;
>>>> +    if (inode->i_size - range.start > range.len) {
>>>> +            end_addr = range.start + range.len;
>>>> +    } else {
>>>> +            end_addr = range.len == (u64)-1 ?
>>>> +                    sbi->sb->s_maxbytes : inode->i_size;
>>>> +            to_end = true;
>>>>      }
>>>> -    end_addr = range.start + range.len;
>>>>
>>>> -    to_end = (end_addr == inode->i_size);
>>>>      if (!IS_ALIGNED(range.start, F2FS_BLKSIZE) ||
>>>>                      (!to_end && !IS_ALIGNED(end_addr, F2FS_BLKSIZE))) {
>>>>              ret = -EINVAL;
>>>> @@ -3846,7 +3846,8 @@ static int f2fs_sec_trim_file(struct file *filp, unsigned long arg)
>>>>      down_write(&F2FS_I(inode)->i_gc_rwsem[WRITE]);
>>>>      down_write(&F2FS_I(inode)->i_mmap_sem);
>>>>
>>>> -    ret = filemap_write_and_wait_range(mapping, range.start, end_addr - 1);
>>>> +    ret = filemap_write_and_wait_range(mapping, range.start,
>>>> +                    to_end ? LLONG_MAX : end_addr - 1);
>>>>      if (ret)
>>>>              goto out;
>>>>
>>>> --
>>>> 2.27.0.383.g050319c2ae-goog
>>>
>>>
>>> _______________________________________________
>>> Linux-f2fs-devel mailing list
>>> Linux-f2fs-devel@...ts.sourceforge.net
>>> https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel
>>> .
>>>
> .
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ