[PATCH] ubifs: replay: Detect and kill orphaned xattrs

Marc Kleine-Budde mkl at pengutronix.de
Mon Oct 9 06:49:56 PDT 2017 

On 06/26/2017 01:19 PM, Richard Weinberger wrote:
> Creating an xattr is an independent journal transaction and the xattr
> code assumes that there is always a valid host inode present when a new
> xattr is created. This assumption is not correct for LSM and now
> fscrypt, for these users UBIFS creates the xattr before the host inode
> is created and visible to the user. Since these are two journal
> transactions it can happen that due to a power-cut only the xattr is
> present but not the host inode nor the directory entry for it. As result
> of this UBIFS will lose free space and can run out of space at some
> time.
> It is also not possible to create the xattr after the host inode because
> this would violate LSM and fscrypt model. After a power-cut we could end
> up with a inode without security context.
> 
> This is an intermediate fix that can go into -stable, as long term
> solution we have to make sure that creating the xattr and the host inode
> is a single journal transaction. But to achieve this the journal code
> need some rework first.
> 
> Cc: Subodh Nijsure <snijsure at grid-net.com>
> Cc: Marc Kleine-Budde <mkl at pengutronix.de>
> Cc: Ben Shelton <ben.shelton at ni.com>
> Cc: Brad Mouring <brad.mouring at ni.com>
> Cc: Terry Wilcox <terry.wilcox at ni.com>
> Cc: Gratian Crisan <gratian.crisan at ni.com>
> Cc: stable at vger.kernel.org
> Fixes: d7f0b70d30ff ("UBIFS: Add security.* XATTR support for the UBIFS")
> Signed-off-by: Richard Weinberger <richard at nod.at>

What happended to this patch? It's not on mainline (and thus not on the
stable branches). Was there a better fix?

Marc

-- 
Pengutronix e.K.                  | Marc Kleine-Budde           |
Industrial Linux Solutions        | Phone: +49-231-2826-924     |
Vertretung West/Dortmund          | Fax:   +49-5121-206917-5555 |
Amtsgericht Hildesheim, HRA 2686  | http://www.pengutronix.de   |

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://lists.infradead.org/pipermail/linux-mtd/attachments/20171009/0cf708a9/attachment.sig>

More information about the linux-mtd mailing list