| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ykvzskyxtwsy42lxxin6avihe6lbub75ywvn7e6zod6m45dpyy@6xkfaynjpuos>
Date: Tue, 25 Nov 2025 10:58:32 +0800
From: Heming Zhao <heming.zhao@...e.com>
To: Ahmet Eray Karadag <eraykrdg1@...il.com>
Cc: mark@...heh.com, jlbec@...lplan.org, joseph.qi@...ux.alibaba.com,
ocfs2-devel@...ts.linux.dev, linux-kernel@...r.kernel.org, david.hunter.linux@...il.com,
skhan@...uxfoundation.org, Albin Babu Varghese <albinbabuvarghese20@...il.com>
Subject: Re: [PATCH 1/2] ocfs2: Add ocfs2_emergency_state helper and apply to
setattr
On Tue, Nov 18, 2025 at 03:26:44AM +0300, Ahmet Eray Karadag wrote:
> To centralize error checking, follow the pattern of other filesystems
> like ext4 (which uses `ext4_emergency_state()`), and prepare for
> future enhancements, this patch introduces a new helper function:
> `ocfs2_emergency_state()`.
>
> The purpose of this helper is to provide a single, unified location
> for checking all filesystem-level emergency conditions. In this
> initial implementation, the function only checks for the existing
> hard and soft read-only modes, returning -EROFS if either is set.
>
> This provides a foundation where future checks (e.g., for fatal error
> states returning -EIO, or shutdown states) can be easily added in
> one place.
>
> This patch also adds this new check to the beginning of
> `ocfs2_setattr()`. This ensures that operations like `ftruncate`
> (which triggered the original BUG) fail-fast with -EROFS when the
> filesystem is already in a read-only state.
>
> Suggested-by: Heming Zhao <heming.zhao@...e.com>
> Co-developed-by: Albin Babu Varghese <albinbabuvarghese20@...il.com>
> Signed-off-by: Albin Babu Varghese <albinbabuvarghese20@...il.com>
> Signed-off-by: Ahmet Eray Karadag <eraykrdg1@...il.com>
> ---
> fs/ocfs2/file.c | 6 ++++++
> fs/ocfs2/ocfs2.h | 8 ++++++++
> 2 files changed, 14 insertions(+)
>
> diff --git a/fs/ocfs2/file.c b/fs/ocfs2/file.c
> index 21d797ccccd0..03a98985ac92 100644
> --- a/fs/ocfs2/file.c
> +++ b/fs/ocfs2/file.c
> @@ -1137,6 +1137,12 @@ int ocfs2_setattr(struct mnt_idmap *idmap, struct dentry *dentry,
> from_kgid(&init_user_ns, attr->ia_gid) : 0);
>
> /* ensuring we don't even attempt to truncate a symlink */
> + status = ocfs2_emergency_state(osb);
> + if (status < 0) {
> + mlog_errno(status);
> + goto bail;
> + }
> +
I prefer the ext4_emerency_state() style, using "if (unlikely(status))" here.
> if (S_ISLNK(inode->i_mode))
> attr->ia_valid &= ~ATTR_SIZE;
>
> diff --git a/fs/ocfs2/ocfs2.h b/fs/ocfs2/ocfs2.h
> index 6aaa94c554c1..2ac16632dd19 100644
> --- a/fs/ocfs2/ocfs2.h
> +++ b/fs/ocfs2/ocfs2.h
> @@ -680,6 +680,14 @@ static inline int ocfs2_is_soft_readonly(struct ocfs2_super *osb)
> return ret;
> }
>
> +static inline int ocfs2_emergency_state(struct ocfs2_super *osb)
> +{
> + if (ocfs2_is_soft_readonly(osb) || ocfs2_is_hard_readonly(osb)) {
> + return -EROFS;
> + }
> + return 0;
> +}
> +
calling ocfs2_is_[soft|hard]_readonly() is a little expensive because it
involves acquiring the spinlock osb->osb_lock twice. In my view, we could
introduce a new function, such as ocfs2_is_readonly():
```
static inline int ocfs2_is_readonly(struct ocfs2_super *osb)
{
int ret;
spin_lock(&osb->osb_lock);
ret = osb->osb_flags & (OCFS2_OSB_SOFT_RO | OCFS2_OSB_HARD_RO);
spin_unlock(&osb->osb_lock);
return ret
}
```
Thanks,
Heming
> static inline int ocfs2_clusterinfo_valid(struct ocfs2_super *osb)
> {
> return (osb->s_feature_incompat &
> --
> 2.43.0
>
Powered by blists - more mailing lists