[PATCH] ubifs: replay: Detect and kill orphaned xattrs

Marc Kleine-Budde mkl at pengutronix.de
Mon Oct 9 06:59:44 PDT 2017 

On 10/09/2017 03:56 PM, Richard Weinberger wrote:
> Am Montag, 9. Oktober 2017, 15:49:56 CEST schrieb Marc Kleine-Budde:
>> On 06/26/2017 01:19 PM, Richard Weinberger wrote:
>>> Creating an xattr is an independent journal transaction and the xattr
>>> code assumes that there is always a valid host inode present when a new
>>> xattr is created. This assumption is not correct for LSM and now
>>> fscrypt, for these users UBIFS creates the xattr before the host inode
>>> is created and visible to the user. Since these are two journal
>>> transactions it can happen that due to a power-cut only the xattr is
>>> present but not the host inode nor the directory entry for it. As result
>>> of this UBIFS will lose free space and can run out of space at some
>>> time.
>>> It is also not possible to create the xattr after the host inode because
>>> this would violate LSM and fscrypt model. After a power-cut we could end
>>> up with a inode without security context.
>>>
>>> This is an intermediate fix that can go into -stable, as long term
>>> solution we have to make sure that creating the xattr and the host inode
>>> is a single journal transaction. But to achieve this the journal code
>>> need some rework first.
>>>
>>> Cc: Subodh Nijsure <snijsure at grid-net.com>
>>> Cc: Marc Kleine-Budde <mkl at pengutronix.de>
>>> Cc: Ben Shelton <ben.shelton at ni.com>
>>> Cc: Brad Mouring <brad.mouring at ni.com>
>>> Cc: Terry Wilcox <terry.wilcox at ni.com>
>>> Cc: Gratian Crisan <gratian.crisan at ni.com>
>>> Cc: stable at vger.kernel.org
>>> Fixes: d7f0b70d30ff ("UBIFS: Add security.* XATTR support for the UBIFS")
>>> Signed-off-by: Richard Weinberger <richard at nod.at>
>>
>> What happended to this patch? It's not on mainline (and thus not on the
>> stable branches). Was there a better fix?
> 
> Since the patch is non-trivial I hoped to get a review or tested-by.
> Therefore I didn't merge it so far.

What do you expect from proper testing?

Marc

-- 
Pengutronix e.K.                  | Marc Kleine-Budde           |
Industrial Linux Solutions        | Phone: +49-231-2826-924     |
Vertretung West/Dortmund          | Fax:   +49-5121-206917-5555 |
Amtsgericht Hildesheim, HRA 2686  | http://www.pengutronix.de   |

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://lists.infradead.org/pipermail/linux-mtd/attachments/20171009/d88b9713/attachment.sig>

More information about the linux-mtd mailing list