lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <YFq+aQW7eihFuSst@google.com>
Date:   Tue, 23 Mar 2021 21:22:01 -0700
From:   Jaegeuk Kim <jaegeuk@...nel.org>
To:     Chao Yu <yuchao0@...wei.com>
Cc:     linux-f2fs-devel@...ts.sourceforge.net,
        linux-kernel@...r.kernel.org, chao@...nel.org
Subject: Re: [PATCH] Revert "f2fs: give a warning only for readonly partition"

On 03/24, Chao Yu wrote:
> On 2021/3/24 2:39, Jaegeuk Kim wrote:
> > On 03/23, Chao Yu wrote:
> > > This reverts commit 938a184265d75ea474f1c6fe1da96a5196163789.
> > > 
> > > Because that commit fails generic/050 testcase which expect failure
> > > during mount a recoverable readonly partition.
> > 
> > I think we need to change generic/050, since f2fs can recover this partition,
> 
> Well, not sure we can change that testcase, since it restricts all generic
> filesystems behavior. At least, ext4's behavior makes sense to me:
> 
> 	journal_dev_ro = bdev_read_only(journal->j_dev);
> 	really_read_only = bdev_read_only(sb->s_bdev) | journal_dev_ro;
> 
> 	if (journal_dev_ro && !sb_rdonly(sb)) {
> 		ext4_msg(sb, KERN_ERR,
> 			 "journal device read-only, try mounting with '-o ro'");
> 		err = -EROFS;
> 		goto err_out;
> 	}
> 
> 	if (ext4_has_feature_journal_needs_recovery(sb)) {
> 		if (sb_rdonly(sb)) {
> 			ext4_msg(sb, KERN_INFO, "INFO: recovery "
> 					"required on readonly filesystem");
> 			if (really_read_only) {
> 				ext4_msg(sb, KERN_ERR, "write access "
> 					"unavailable, cannot proceed "
> 					"(try mounting with noload)");
> 				err = -EROFS;
> 				goto err_out;
> 			}
> 			ext4_msg(sb, KERN_INFO, "write access will "
> 			       "be enabled during recovery");
> 		}
> 	}
> 
> > even though using it as readonly. And, valid checkpoint can allow for user to
> > read all the data without problem.
> 
> >>   		if (f2fs_hw_is_readonly(sbi)) {
> 
> Since device is readonly now, all write to the device will fail, checkpoint can
> not persist recovered data, after page cache is expired, user can see stale data.

My point is, after mount with ro, there'll be no data write which preserves the
current status. So, in the next time, we can recover fsync'ed data later, if
user succeeds to mount as rw. Another point is, with the current checkpoint, we
should not have any corrupted metadata. So, why not giving a chance to show what
data remained to user? I think this can be doable only with CoW filesystems.

> 
> Am I missing something?
> 
> Thanks,
> 
> > 
> > > 
> > > Fixes: 938a184265d7 ("f2fs: give a warning only for readonly partition")
> > > Signed-off-by: Chao Yu <yuchao0@...wei.com>
> > > ---
> > >   fs/f2fs/super.c | 8 +++++---
> > >   1 file changed, 5 insertions(+), 3 deletions(-)
> > > 
> > > diff --git a/fs/f2fs/super.c b/fs/f2fs/super.c
> > > index b48281642e98..2b78ee11f093 100644
> > > --- a/fs/f2fs/super.c
> > > +++ b/fs/f2fs/super.c
> > > @@ -3952,10 +3952,12 @@ static int f2fs_fill_super(struct super_block *sb, void *data, int silent)
> > >   		 * previous checkpoint was not done by clean system shutdown.
> > >   		 */
> > >   		if (f2fs_hw_is_readonly(sbi)) {
> > > -			if (!is_set_ckpt_flags(sbi, CP_UMOUNT_FLAG))
> > > +			if (!is_set_ckpt_flags(sbi, CP_UMOUNT_FLAG)) {
> > > +				err = -EROFS;
> > >   				f2fs_err(sbi, "Need to recover fsync data, but write access unavailable");
> > > -			else
> > > -				f2fs_info(sbi, "write access unavailable, skipping recovery");
> > > +				goto free_meta;
> > > +			}
> > > +			f2fs_info(sbi, "write access unavailable, skipping recovery");
> > >   			goto reset_checkpoint;
> > >   		}
> > > -- 
> > > 2.29.2
> > .
> > 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ