lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20250219234734.GA758416@google.com>
Date: Wed, 19 Feb 2025 23:47:34 +0000
From: Sami Tolvanen <samitolvanen@...gle.com>
To: Mikulas Patocka <mpatocka@...hat.com>
Cc: Eric Biggers <ebiggers@...nel.org>,
	Akilesh Kailash <akailash@...gle.com>, kernel-team@...roid.com,
	Alasdair Kergon <agk@...hat.com>, Mike Snitzer <snitzer@...nel.org>,
	Milan Broz <gmazyland@...il.com>, dm-devel@...ts.linux.dev,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] dm-verity: do forward error correction on metadata
 I/O errors

On Mon, Feb 17, 2025 at 10:36:02PM +0100, Mikulas Patocka wrote:
> dm-verity: do forward error correction on metadata I/O errors
> 
> Do forward error correction if metadata I/O fails.
> 
> Signed-off-by: Mikulas Patocka <mpatocka@...hat.com>
> 
> ---
>  drivers/md/dm-verity-target.c |   25 +++++++++++++++++++++----
>  1 file changed, 21 insertions(+), 4 deletions(-)
> 
> Index: linux-2.6/drivers/md/dm-verity-target.c
> ===================================================================
> --- linux-2.6.orig/drivers/md/dm-verity-target.c	2025-02-10 16:24:56.000000000 +0100
> +++ linux-2.6/drivers/md/dm-verity-target.c	2025-02-17 16:47:37.000000000 +0100
> @@ -311,7 +311,7 @@ static int verity_verify_level(struct dm
>  
>  	if (static_branch_unlikely(&use_bh_wq_enabled) && io->in_bh) {
>  		data = dm_bufio_get(v->bufio, hash_block, &buf);
> -		if (data == NULL) {
> +		if (IS_ERR_OR_NULL(data)) {

Thanks for adding the check, makes this easier to follow.

>  			/*
>  			 * In tasklet and the hash was not in the bufio cache.
>  			 * Return early and resume execution from a work-queue
> @@ -324,8 +324,24 @@ static int verity_verify_level(struct dm
>  						&buf, bio->bi_ioprio);
>  	}
>  
> -	if (IS_ERR(data))
> -		return PTR_ERR(data);
> +	if (IS_ERR(data)) {
> +		if (skip_unverified)
> +			return 1;
> +		r = PTR_ERR(data);
> +		data = dm_bufio_new(v->bufio, hash_block, &buf);
> +		if (IS_ERR(data))
> +			return r;
> +		if (verity_fec_decode(v, io, DM_VERITY_BLOCK_TYPE_METADATA,
> +				      hash_block, data) == 0) {
> +			aux = dm_bufio_get_aux_data(buf);
> +			aux->hash_verified = 1;
> +			goto release_ok;
> +		} else {
> +			dm_bufio_release(buf);
> +			dm_bufio_forget(v->bufio, hash_block);
> +			return r;
> +		}
> +	}
>  
>  	aux = dm_bufio_get_aux_data(buf);
>  
> @@ -366,6 +382,7 @@ static int verity_verify_level(struct dm
>  		}
>  	}
>  
> +release_ok:
>  	data += offset;
>  	memcpy(want_digest, data, v->digest_size);
>  	r = 0;
> @@ -1761,7 +1778,7 @@ static struct target_type verity_target
>  	.name		= "verity",
>  /* Note: the LSMs depend on the singleton and immutable features */
>  	.features	= DM_TARGET_SINGLETON | DM_TARGET_IMMUTABLE,
> -	.version	= {1, 10, 0},
> +	.version	= {1, 11, 0},
>  	.module		= THIS_MODULE,
>  	.ctr		= verity_ctr,
>  	.dtr		= verity_dtr,

Reviewed-by: Sami Tolvanen <samitolvanen@...gle.com>

Sami

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ