Re: 2.6.15 Bug? New security model?

From: Jeff Mahoney
Date: Sun Feb 12 2006 - 12:55:39 EST

Next message: Roger Leigh: "Re: 2.6.16-rc2 powerpc timestamp skew"
Previous message: Adrian Bunk: "[RFC: 2.6 patch] let NET_CLS_ACT no longer depend on EXPERIMENTAL"
In reply to: Sergey Vlasov: "Re: 2.6.15 Bug? New security model?"
Next in thread: Sergey Vlasov: "Re: 2.6.15 Bug? New security model?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, Feb 12, 2006 at 12:55:41AM +0300, Sergey Vlasov wrote:
> I have noticed that fs/reiserfs/inode.c:init_inode() does not initialize
> REISERFS_I(inode)->i_attrs and inode->i_flags (as done by
> sd_attrs_to_i_attrs()) in the branch for v1 stat data; maybe this causes
> the problem?

Yes. This would absolutely cause a problem. Thanks for the triage.

The failure to set i_attrs = 0 for the sd v1 path means that *any* new objects
that inherit from a v3.5-created object (-o conv means new objects will be
sd v2, old ones aren't 'updated'), will end up with bogus attributes.

This is essentially code-introduced corruption. The patch to fix it in future
versions is easy enough, but you'll need to run reiserfsck --clean-attributes
<device> on any affected file systems.

Bernd - If you haven't already run reiserfsck --clean-attributes on the fs,
can you please test the attached patch? It adds a check to make sure the
file system has always been v3.6 before enabling the attributes by default.

-Jeff

--
Jeff Mahoney
SuSE Labs
diff -ruNpX dontdiff linux-2.6.15/fs/reiserfs/inode.c linux-2.6.15-reiserfs/fs/reiserfs/inode.c
--- linux-2.6.15/fs/reiserfs/inode.c 2006-02-06 19:54:10.000000000 -0500
+++ linux-2.6.15-reiserfs/fs/reiserfs/inode.c 2006-02-12 12:43:00.000000000 -0500
@@ -1195,6 +1195,7 @@ static void init_inode(struct inode *ino
/* nopack is initially zero for v1 objects. For v2 objects,
nopack is initialised from sd_attrs */
REISERFS_I(inode)->i_flags &= ~i_nopack_mask;
+ REISERFS_I(inode)->i_attrs = 0;
} else {
// new stat data found, but object may have old items
// (directories and symlinks)
diff -ruNpX dontdiff linux-2.6.15/fs/reiserfs/super.c linux-2.6.15-reiserfs/fs/reiserfs/super.c
--- linux-2.6.15/fs/reiserfs/super.c 2006-02-06 19:54:27.000000000 -0500
+++ linux-2.6.15-reiserfs/fs/reiserfs/super.c 2006-02-12 12:48:41.000000000 -0500
@@ -1121,7 +1121,9 @@ static void handle_attrs(struct super_bl
"reiserfs: cannot support attributes until flag is set in super-block");
REISERFS_SB(s)->s_mount_opt &= ~(1 << REISERFS_ATTRS);
}
- } else if (le32_to_cpu(rs->s_flags) & reiserfs_attrs_cleared) {
+ } else if (le32_to_cpu(rs->s_flags) & reiserfs_attrs_cleared &&
+ get_inode_item_key_version(s->s_root->d_inode) == KEY_FORMAT_3_6) {
+ /* Enable attrs by default on v3.6-native file systems */
REISERFS_SB(s)->s_mount_opt |= (1 << REISERFS_ATTRS);
}
}

Attachment: pgp00000.pgp
Description: PGP signature

Next message: Roger Leigh: "Re: 2.6.16-rc2 powerpc timestamp skew"
Previous message: Adrian Bunk: "[RFC: 2.6 patch] let NET_CLS_ACT no longer depend on EXPERIMENTAL"
In reply to: Sergey Vlasov: "Re: 2.6.15 Bug? New security model?"
Next in thread: Sergey Vlasov: "Re: 2.6.15 Bug? New security model?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]