From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Theodore Tso <tytso@mit.edu>
Subject: [PATCH 4.3 56/71] ext4 crypto: fix bugs in ext4_encrypted_zeroout()
Date: Sat, 12 Dec 2015 12:06:20 -0800 [thread overview]
Message-ID: <20151212200539.513553257@linuxfoundation.org> (raw)
In-Reply-To: <20151212200536.761001328@linuxfoundation.org>
4.3-stable review patch. If anyone has any objections, please let me know.
------------------
From: Theodore Ts'o <tytso@mit.edu>
commit 36086d43f6575c081067de9855786a2fc91df77b upstream.
Fix multiple bugs in ext4_encrypted_zeroout(), including one that
could cause us to write an encrypted zero page to the wrong location
on disk, potentially causing data and file system corruption.
Fortunately, this tends to only show up in stress tests, but even with
these fixes, we are seeing some test failures with generic/127 --- but
these are now caused by data failures instead of metadata corruption.
Since ext4_encrypted_zeroout() is only used for some optimizations to
keep the extent tree from being too fragmented, and
ext4_encrypted_zeroout() itself isn't all that optimized from a time
or IOPS perspective, disable the extent tree optimization for
encrypted inodes for now. This prevents the data corruption issues
reported by generic/127 until we can figure out what's going wrong.
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
fs/ext4/crypto.c | 23 +++++++++++++++++++----
fs/ext4/extents.c | 3 +++
2 files changed, 22 insertions(+), 4 deletions(-)
--- a/fs/ext4/crypto.c
+++ b/fs/ext4/crypto.c
@@ -411,7 +411,13 @@ int ext4_encrypted_zeroout(struct inode
ext4_lblk_t lblk = ex->ee_block;
ext4_fsblk_t pblk = ext4_ext_pblock(ex);
unsigned int len = ext4_ext_get_actual_len(ex);
- int err = 0;
+ int ret, err = 0;
+
+#if 0
+ ext4_msg(inode->i_sb, KERN_CRIT,
+ "ext4_encrypted_zeroout ino %lu lblk %u len %u",
+ (unsigned long) inode->i_ino, lblk, len);
+#endif
BUG_ON(inode->i_sb->s_blocksize != PAGE_CACHE_SIZE);
@@ -437,17 +443,26 @@ int ext4_encrypted_zeroout(struct inode
goto errout;
}
bio->bi_bdev = inode->i_sb->s_bdev;
- bio->bi_iter.bi_sector = pblk;
- err = bio_add_page(bio, ciphertext_page,
+ bio->bi_iter.bi_sector =
+ pblk << (inode->i_sb->s_blocksize_bits - 9);
+ ret = bio_add_page(bio, ciphertext_page,
inode->i_sb->s_blocksize, 0);
- if (err) {
+ if (ret != inode->i_sb->s_blocksize) {
+ /* should never happen! */
+ ext4_msg(inode->i_sb, KERN_ERR,
+ "bio_add_page failed: %d", ret);
+ WARN_ON(1);
bio_put(bio);
+ err = -EIO;
goto errout;
}
err = submit_bio_wait(WRITE, bio);
+ if ((err == 0) && bio->bi_error)
+ err = -EIO;
bio_put(bio);
if (err)
goto errout;
+ lblk++; pblk++;
}
err = 0;
errout:
--- a/fs/ext4/extents.c
+++ b/fs/ext4/extents.c
@@ -3558,6 +3558,9 @@ static int ext4_ext_convert_to_initializ
max_zeroout = sbi->s_extent_max_zeroout_kb >>
(inode->i_sb->s_blocksize_bits - 10);
+ if (ext4_encrypted_inode(inode))
+ max_zeroout = 0;
+
/* If extent is less than s_max_zeroout_kb, zeroout directly */
if (max_zeroout && (ee_len <= max_zeroout)) {
err = ext4_ext_zeroout(inode, ex);
next prev parent reply other threads:[~2015-12-12 20:06 UTC|newest]
Thread overview: 93+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-12-12 20:05 [PATCH 4.3 00/71] 4.3.3-stable review Greg Kroah-Hartman
2015-12-12 20:05 ` [PATCH 4.3 01/71] certs: add .gitignore to stop git nagging about x509_certificate_list Greg Kroah-Hartman
2015-12-12 20:05 ` [PATCH 4.3 02/71] r8169: fix kasan reported skb use-after-free Greg Kroah-Hartman
2015-12-12 20:05 ` [PATCH 4.3 03/71] af-unix: fix use-after-free with concurrent readers while splicing Greg Kroah-Hartman
2015-12-12 20:05 ` [PATCH 4.3 04/71] af_unix: dont append consumed skbs to sk_receive_queue Greg Kroah-Hartman
2015-12-12 20:05 ` [PATCH 4.3 05/71] af_unix: take receive queue lock while appending new skb Greg Kroah-Hartman
2015-12-12 20:05 ` [PATCH 4.3 06/71] unix: avoid use-after-free in ep_remove_wait_queue Greg Kroah-Hartman
2015-12-12 20:05 ` [PATCH 4.3 07/71] af-unix: passcred support for sendpage Greg Kroah-Hartman
2015-12-12 20:05 ` [PATCH 4.3 08/71] ipv6: Avoid creating RTF_CACHE from a rt that is not managed by fib6 tree Greg Kroah-Hartman
2015-12-12 20:05 ` [PATCH 4.3 09/71] ipv6: Check expire on DST_NOCACHE route Greg Kroah-Hartman
2015-12-12 20:05 ` [PATCH 4.3 10/71] ipv6: Check rt->dst.from for the " Greg Kroah-Hartman
2015-12-12 20:05 ` [PATCH 4.3 11/71] Revert "ipv6: ndisc: inherit metadata dst when creating ndisc requests" Greg Kroah-Hartman
2015-12-12 20:05 ` [PATCH 4.3 12/71] tools/net: Use include/uapi with __EXPORTED_HEADERS__ Greg Kroah-Hartman
2015-12-12 20:05 ` [PATCH 4.3 13/71] packet: do skb_probe_transport_header when we actually have data Greg Kroah-Hartman
2015-12-12 20:05 ` [PATCH 4.3 14/71] packet: always probe for transport header Greg Kroah-Hartman
2015-12-12 20:05 ` [PATCH 4.3 15/71] packet: only allow extra vlan len on ethernet devices Greg Kroah-Hartman
2015-12-12 20:05 ` [PATCH 4.3 16/71] packet: infer protocol from ethernet header if unset Greg Kroah-Hartman
2015-12-12 20:05 ` [PATCH 4.3 17/71] packet: fix tpacket_snd max frame len Greg Kroah-Hartman
2015-12-12 20:05 ` [PATCH 4.3 18/71] sctp: translate host order to network order when setting a hmacid Greg Kroah-Hartman
2015-12-12 20:05 ` [PATCH 4.3 19/71] net/mlx5e: Added self loopback prevention Greg Kroah-Hartman
2015-12-12 20:05 ` [PATCH 4.3 20/71] net/mlx4_core: Fix sleeping while holding spinlock at rem_slave_counters Greg Kroah-Hartman
2015-12-12 20:05 ` [PATCH 4.3 21/71] ip_tunnel: disable preemption when updating per-cpu tstats Greg Kroah-Hartman
2015-12-12 20:05 ` [PATCH 4.3 22/71] net: switchdev: fix return code of fdb_dump stub Greg Kroah-Hartman
2015-12-12 20:05 ` [PATCH 4.3 23/71] net: thunder: Check for driver data in nicvf_remove() Greg Kroah-Hartman
2015-12-14 7:17 ` Pavel Fedin
2015-12-14 14:16 ` 'Greg Kroah-Hartman'
2015-12-14 14:51 ` Pavel Fedin
2015-12-12 20:05 ` [PATCH 4.3 24/71] snmp: Remove duplicate OUTMCAST stat increment Greg Kroah-Hartman
2015-12-12 20:05 ` [PATCH 4.3 25/71] net/ip6_tunnel: fix dst leak Greg Kroah-Hartman
2015-12-12 20:05 ` [PATCH 4.3 27/71] tcp: md5: fix lockdep annotation Greg Kroah-Hartman
2015-12-12 20:05 ` [PATCH 4.3 28/71] tcp: disable Fast Open on timeouts after handshake Greg Kroah-Hartman
2015-12-12 20:05 ` [PATCH 4.3 29/71] tcp: fix potential huge kmalloc() calls in TCP_REPAIR Greg Kroah-Hartman
2015-12-12 20:05 ` [PATCH 4.3 30/71] tcp: initialize tp->copied_seq in case of cross SYN connection Greg Kroah-Hartman
2015-12-12 20:05 ` [PATCH 4.3 31/71] net, scm: fix PaX detected msg_controllen overflow in scm_detach_fds Greg Kroah-Hartman
2015-12-12 20:05 ` [PATCH 4.3 32/71] net: ipmr: fix static mfc/dev leaks on table destruction Greg Kroah-Hartman
2015-12-12 20:05 ` [PATCH 4.3 33/71] net: ip6mr: " Greg Kroah-Hartman
2015-12-12 20:05 ` [PATCH 4.3 34/71] vrf: fix double free and memory corruption on register_netdevice failure Greg Kroah-Hartman
2015-12-14 17:45 ` Ben Hutchings
2015-12-14 18:59 ` David Ahern
2015-12-15 5:40 ` Greg Kroah-Hartman
2015-12-15 15:12 ` [PATCH 4.3] vrf: Fix memory leak on registration failure in vrf_newlink() Ben Hutchings
2015-12-15 15:15 ` David Ahern
2015-12-15 15:26 ` Ben Hutchings
2015-12-15 15:31 ` [PATCH 4.3 1/2] Revert "vrf: fix double free and memory corruption on register_netdevice failure" Ben Hutchings
2015-12-15 15:49 ` David Ahern
2015-12-17 22:43 ` Patch "Revert "vrf: fix double free and memory corruption on register_netdevice failure"" has been added to the 4.3-stable tree gregkh
2015-12-15 15:32 ` [PATCH 4.3 2/2] vrf: fix double free and memory corruption on register_netdevice failure Nikolay Aleksandrov
2015-12-15 15:50 ` David Ahern
2015-12-15 17:02 ` Ben Hutchings
2015-12-17 22:43 ` Patch "vrf: fix double free and memory corruption on register_netdevice failure" has been added to the 4.3-stable tree gregkh
2015-12-15 17:48 ` [PATCH 4.3] vrf: Fix memory leak on registration failure in vrf_newlink() David Miller
2015-12-12 20:05 ` [PATCH 4.3 35/71] broadcom: fix PHY_ID_BCM5481 entry in the id table Greg Kroah-Hartman
2015-12-12 20:06 ` [PATCH 4.3 36/71] tipc: fix error handling of expanding buffer headroom Greg Kroah-Hartman
2015-12-14 17:46 ` Ben Hutchings
2015-12-14 23:52 ` Greg Kroah-Hartman
2015-12-12 20:06 ` [PATCH 4.3 37/71] ipv6: distinguish frag queues by device for multicast and link-local packets Greg Kroah-Hartman
2015-12-12 20:06 ` [PATCH 4.3 38/71] RDS: fix race condition when sending a message on unbound socket Greg Kroah-Hartman
2015-12-12 20:06 ` [PATCH 4.3 39/71] bpf, array: fix heap out-of-bounds access when updating elements Greg Kroah-Hartman
2015-12-12 20:06 ` [PATCH 4.3 40/71] ipv6: add complete rcu protection around np->opt Greg Kroah-Hartman
2015-12-12 20:06 ` [PATCH 4.3 41/71] net/neighbour: fix crash at dumping device-agnostic proxy entries Greg Kroah-Hartman
2015-12-12 20:06 ` [PATCH 4.3 42/71] ipv6: sctp: implement sctp_v6_destroy_sock() Greg Kroah-Hartman
2015-12-12 20:06 ` [PATCH 4.3 43/71] openvswitch: fix hangup on vxlan/gre/geneve device deletion Greg Kroah-Hartman
2015-12-12 20:06 ` [PATCH 4.3 44/71] net_sched: fix qdisc_tree_decrease_qlen() races Greg Kroah-Hartman
2015-12-12 20:06 ` [PATCH 4.3 45/71] btrfs: fix resending received snapshot with parent Greg Kroah-Hartman
2015-12-12 20:06 ` [PATCH 4.3 46/71] btrfs: check unsupported filters in balance arguments Greg Kroah-Hartman
2015-12-12 20:06 ` [PATCH 4.3 47/71] Btrfs: fix file corruption and data loss after cloning inline extents Greg Kroah-Hartman
2015-12-12 20:06 ` [PATCH 4.3 48/71] Btrfs: fix truncation of compressed and inlined extents Greg Kroah-Hartman
2015-12-12 20:06 ` [PATCH 4.3 50/71] Btrfs: fix race leading to incorrect item deletion when dropping extents Greg Kroah-Hartman
2015-12-12 20:06 ` [PATCH 4.3 51/71] Btrfs: fix race leading to BUG_ON when running delalloc for nodatacow Greg Kroah-Hartman
2015-12-12 20:06 ` [PATCH 4.3 52/71] Btrfs: fix race when listing an inodes xattrs Greg Kroah-Hartman
2015-12-12 20:06 ` [PATCH 4.3 53/71] btrfs: fix signed overflows in btrfs_sync_file Greg Kroah-Hartman
2015-12-12 20:06 ` [PATCH 4.3 54/71] rbd: dont put snap_context twice in rbd_queue_workfn() Greg Kroah-Hartman
2015-12-12 20:06 ` [PATCH 4.3 55/71] ext4 crypto: fix memory leak in ext4_bio_write_page() Greg Kroah-Hartman
2015-12-12 20:06 ` Greg Kroah-Hartman [this message]
2015-12-12 20:06 ` [PATCH 4.3 57/71] ext4: fix potential use after free in __ext4_journal_stop Greg Kroah-Hartman
2015-12-12 20:06 ` [PATCH 4.3 58/71] ext4, jbd2: ensure entering into panic after recording an error in superblock Greg Kroah-Hartman
2015-12-12 20:06 ` [PATCH 4.3 59/71] firewire: ohci: fix JMicron JMB38x IT context discovery Greg Kroah-Hartman
2015-12-12 20:06 ` [PATCH 4.3 60/71] nfsd: serialize state seqid morphing operations Greg Kroah-Hartman
2015-12-12 20:06 ` [PATCH 4.3 61/71] nfsd: eliminate sending duplicate and repeated delegations Greg Kroah-Hartman
2015-12-12 20:06 ` [PATCH 4.3 62/71] debugfs: fix refcount imbalance in start_creating Greg Kroah-Hartman
2015-12-12 20:06 ` [PATCH 4.3 63/71] nfs4: start callback_ident at idr 1 Greg Kroah-Hartman
2015-12-12 20:06 ` [PATCH 4.3 64/71] nfs4: resend LAYOUTGET when there is a race that changes the seqid Greg Kroah-Hartman
2015-12-12 20:06 ` [PATCH 4.3 65/71] nfs: if we have no valid attrs, then dont declare the attribute cache valid Greg Kroah-Hartman
2015-12-12 20:06 ` [PATCH 4.3 66/71] ocfs2: fix umask ignored issue Greg Kroah-Hartman
2015-12-12 20:06 ` [PATCH 4.3 67/71] block: fix segment split Greg Kroah-Hartman
2015-12-12 20:06 ` [PATCH 4.3 68/71] ceph: fix message length computation Greg Kroah-Hartman
2015-12-12 20:06 ` [PATCH 4.3 69/71] ALSA: pci: depend on ZONE_DMA Greg Kroah-Hartman
2015-12-12 20:06 ` [PATCH 4.3 70/71] ALSA: hda/hdmi - apply Skylake fix-ups to Broxton display codec Greg Kroah-Hartman
2015-12-12 20:06 ` [PATCH 4.3 71/71] [media] cobalt: fix Kconfig dependency Greg Kroah-Hartman
2015-12-13 3:05 ` [PATCH 4.3 00/71] 4.3.3-stable review Shuah Khan
2015-12-13 3:46 ` Greg Kroah-Hartman
2015-12-13 16:01 ` Guenter Roeck
2015-12-14 3:28 ` Greg Kroah-Hartman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20151212200539.513553257@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).