From: Chris Mason <clm@fb.com>
To: <dsterba@suse.cz>, Liu Bo <bo.li.liu@oracle.com>,
Zach Brown <zab@redhat.com>, <linux-btrfs@vger.kernel.org>
Subject: Re: [PATCH 3/3] btrfs: fix inline compressed read err corruption
Date: Wed, 14 May 2014 09:12:22 -0400 [thread overview]
Message-ID: <53736BB6.30508@fb.com> (raw)
In-Reply-To: <20140512171850.GG6917@twin.jikos.cz>
On 05/12/2014 01:18 PM, David Sterba wrote:
> On Mon, May 12, 2014 at 11:00:23PM +0800, Liu Bo wrote:
>> On Thu, May 08, 2014 at 07:16:19PM -0400, Zach Brown wrote:
>>> uncompress_inline() is silently dropping an error from
>>> btrfs_decompress() after testing it and zeroing the page that was
>>> supposed to hold decompressed data. This can silently turn compressed
>>> inline data in to zeros if decompression fails due to corrupt compressed
>>> data or memory allocation failure.
>>>
>>> I have no idea why uncompress_inline() is zeroing the page for an error
>>> from btrfs_decompress() but not for the earlier ENOMEM from kmalloc().
>>> Can someone explain this?
>>
>> I guess that's because decompress() may have put part of real data on the page
>> and then bail out, and we don't want those data to be exposed to users in this
>> error case.
>>
>> And kmalloc() 's ENOMEM runs before that decompress(), page has whatever random
>> data.
>
> But we don't return any data in case of error. In the unpatched code,
> there's no error so a zeroed page is returned, but this would not happen
> after Zach's fix.
I dug a little more, the zeroing goes all the way back to the original
compression code. It looks like some paranoia of mine.
I'd say its fine to leave off as long as we don't mark the page uptodate.
-chris
next prev parent reply other threads:[~2014-05-14 13:10 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-05-08 23:16 [PATCH 1/3] btrfs: return errno instead of -1 from compression Zach Brown
2014-05-08 23:16 ` [PATCH 2/3] btrfs: return ptr error from compression workspace Zach Brown
2014-05-09 13:40 ` David Sterba
2014-05-08 23:16 ` [PATCH 3/3] btrfs: fix inline compressed read err corruption Zach Brown
2014-05-09 13:58 ` David Sterba
2014-05-09 20:32 ` Zach Brown
2014-05-12 15:00 ` Liu Bo
2014-05-12 17:18 ` David Sterba
2014-05-14 13:12 ` Chris Mason [this message]
2014-05-09 13:39 ` [PATCH 1/3] btrfs: return errno instead of -1 from compression David Sterba
2014-05-09 20:40 ` Zach Brown
2014-05-12 14:20 ` David Sterba
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=53736BB6.30508@fb.com \
--to=clm@fb.com \
--cc=bo.li.liu@oracle.com \
--cc=dsterba@suse.cz \
--cc=linux-btrfs@vger.kernel.org \
--cc=zab@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).