Re: [PATCH v2] f2fs: avoid wrong decrypted data from disk

From: Jaegeuk Kim
Date: Thu Aug 30 2018 - 00:03:40 EST


On 08/30, Chao Yu wrote:
> On 2018/8/30 9:48, Jaegeuk Kim wrote:
> > 1. Create a file in an encrypted directory
> > 2. Do GC & drop caches
> > 3. Read stale data before its bio for metapage was not issued yet
> >
> > Signed-off-by: Jaegeuk Kim <jaegeuk@xxxxxxxxxx>
> > ---
> > Change log from v1:
> > - move to bio != NULL
> >
> > fs/f2fs/data.c | 6 ++++++
> > 1 file changed, 6 insertions(+)
> >
> > diff --git a/fs/f2fs/data.c b/fs/f2fs/data.c
> > index 382c1ef9a9e4..159e411785e9 100644
> > --- a/fs/f2fs/data.c
> > +++ b/fs/f2fs/data.c
> > @@ -1556,6 +1556,12 @@ static int f2fs_mpage_readpages(struct address_space *mapping,
> > bio = NULL;
> > goto set_error_page;
> > }
> > + } else if (unlikely(f2fs_encrypted_file(inode))) {
>
> For android scenario, encryption becomes a common case now, so I think we can
> remove unlikely here.
>
> > + /*
> > + * If the page is under writeback, we need to wait for
> > + * its completion to see the correct decrypted data.
> > + */
> > + f2fs_wait_on_block_writeback(F2FS_I_SB(inode), block_nr);
> > }
>
> Look at this again, it seems f2fs_wait_on_block_writeback() is not related to
> f2fs_grab_read_bio(), so we can move it here to make code logic more clear:
>
> if (f2fs_encrypted_file(inode)) {
> /* */
> f2fs_wait_on_block_writeback(F2FS_I_SB(inode), block_nr);
> }
>
> Also, in f2fs_submit_page_read(), we need to adjust to:
>
> - f2fs_grab_read_bio()
> - f2fs_wait_on_block_writeback()
> - bio_add_page()
>
> How do you think?

Oh, yeah!

>
> Thanks,
>
> >
> > if (bio_add_page(bio, page, blocksize, 0) < blocksize)
> >