From: Eric Biggers <ebiggers@kernel.org>
To: Mikulas Patocka <mpatocka@redhat.com>
Cc: Sami Tolvanen <samitolvanen@google.com>,
Alasdair Kergon <agk@redhat.com>,
Mike Snitzer <snitzer@kernel.org>,
dm-devel@lists.linux.dev, Guangwu Zhang <guazhang@redhat.com>,
Ondrej Kozina <okozina@redhat.com>,
Milan Broz <gmazyland@gmail.com>
Subject: Re: [RFC PATCH] dm-verity: disable recursive forward error correction
Date: Fri, 21 Nov 2025 01:59:25 +0000 [thread overview]
Message-ID: <20251121015925.GC3078357@google.com> (raw)
In-Reply-To: <75ef45cb-4c00-4b27-87cd-3c2914f5dbcc@redhat.com>
On Fri, Nov 14, 2025 at 04:54:01PM +0100, Mikulas Patocka wrote:
> Hi
>
> What do you think about this patch?
>
> There are two problems with the recursive correction:
>
> 1. It may cause denial-of-service. In fec_read_bufs, there is a loop that
> has 253 iterations. For each iteration, we may call verity_hash_for_block
> recursively. There is a limit of 4 nested recursions - that means that
> there may be at most 253^4 (4 billion) iterations. Red Hat QE team
> actually created an image that that pushes dm-verity to this limit - and
> this image just makes the udev-worker process get stuck in the 'D' state.
>
> 2. It probably doesn't work. In fec_read_bufs we store data into the
> variable "fio->bufs", but fio bufs is shared between recursive
> invocations, if "verity_hash_for_block" invoked correction recursively, it
> would overwrite partially filled fio->bufs.
>
> So, I'm suggesting to remove recursive correction at all. This patch
> passed the cryptsetup testsuite. Does it pass your tests too?
>
> Signed-off-by: Mikulas Patocka <mpatocka@redhat.com>
> Reported-by: Guangwu Zhang <guazhang@redhat.com>
>
> ---
> drivers/md/dm-verity-fec.c | 4 +---
> drivers/md/dm-verity-fec.h | 3 ---
> drivers/md/dm-verity-target.c | 2 +-
> 3 files changed, 2 insertions(+), 7 deletions(-)
Reviewed-by: Eric Biggers <ebiggers@kernel.org>
- Eric
prev parent reply other threads:[~2025-11-21 1:59 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-11-14 15:54 [RFC PATCH] dm-verity: disable recursive forward error correction Mikulas Patocka
2025-11-17 20:52 ` Sami Tolvanen
2025-11-18 18:03 ` Mikulas Patocka
2025-11-21 1:59 ` Eric Biggers [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20251121015925.GC3078357@google.com \
--to=ebiggers@kernel.org \
--cc=agk@redhat.com \
--cc=dm-devel@lists.linux.dev \
--cc=gmazyland@gmail.com \
--cc=guazhang@redhat.com \
--cc=mpatocka@redhat.com \
--cc=okozina@redhat.com \
--cc=samitolvanen@google.com \
--cc=snitzer@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.