lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <d9d5c8b1-8d47-1b9c-fbf7-c84db6843a9f@redhat.com>
Date: Mon, 17 Feb 2025 22:35:02 +0100 (CET)
From: Mikulas Patocka <mpatocka@...hat.com>
To: Eric Biggers <ebiggers@...nel.org>
cc: Sami Tolvanen <samitolvanen@...gle.com>, 
    Akilesh Kailash <akailash@...gle.com>, kernel-team@...roid.com, 
    Alasdair Kergon <agk@...hat.com>, Mike Snitzer <snitzer@...nel.org>, 
    Milan Broz <gmazyland@...il.com>, dm-devel@...ts.linux.dev, 
    linux-kernel@...r.kernel.org
Subject: Re: [PATCH] dm-verity: do forward error correction on metadata I/O
 errors



On Mon, 10 Feb 2025, Eric Biggers wrote:

> On Mon, Feb 10, 2025 at 08:57:55AM -0800, Sami Tolvanen wrote:
> > Hi Mikulas,
> > 
> > On Mon, Feb 10, 2025 at 7:04 AM Mikulas Patocka <mpatocka@...hat.com> wrote:
> > >
> > > Do forward error correction if metadata I/O fails.
> > >
> > > Signed-off-by: Mikulas Patocka <mpatocka@...hat.com>
> > >
> > > ---
> > >  drivers/md/dm-verity-target.c |   19 +++++++++++++++++--
> > >  1 file changed, 17 insertions(+), 2 deletions(-)
> > >
> > > Index: linux-2.6/drivers/md/dm-verity-target.c
> > > ===================================================================
> > > --- linux-2.6.orig/drivers/md/dm-verity-target.c        2025-02-04 13:52:45.000000000 +0100
> > > +++ linux-2.6/drivers/md/dm-verity-target.c     2025-02-10 15:55:42.000000000 +0100
> > > @@ -324,8 +324,22 @@ static int verity_verify_level(struct dm
> > >                                                 &buf, bio->bi_ioprio);
> > >         }
> > >
> > > -       if (IS_ERR(data))
> > > -               return PTR_ERR(data);
> > > +       if (IS_ERR(data)) {
> > > +               r = PTR_ERR(data);
> > > +               data = dm_bufio_new(v->bufio, hash_block, &buf);
> > > +               if (IS_ERR(data))
> > > +                       return r;
> > > +               if (verity_fec_decode(v, io, DM_VERITY_BLOCK_TYPE_METADATA,
> > > +                                     hash_block, data) == 0) {
> > > +                       aux = dm_bufio_get_aux_data(buf);
> > > +                       aux->hash_verified = 1;
> > > +                       goto release_ok;
> > > +               } else {
> > > +                       dm_bufio_release(buf);
> > > +                       dm_bufio_forget(v->bufio, hash_block);
> > > +                       return r;
> > > +               }
> > > +       }
> > 
> > Don't we still have to check for io->in_bh before trying to correct the error?

dm_bufio_get doesn't return an error code. But adding a test for it 
doesn't hurt.

> > Overall, it would be nice not to duplicate code here. Should the
> > metadata error correction / handling be moved to a separate function
> > similar to verity_handle_data_hash_mismatch?
> > 
> 
> It's also incorrect to do this when skip_verified=true, since in that case
> want_digest (which verity_fec_decode() uses) has not been initialized yet.
> 
> - Eric

Yes, I changed it to return "1" if "skip_unverified" is set.

Mikulas

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ