[f2fs-dev] [PATCH] f2fs-tools:fix memory leak in write dquot

2019-04-23 Thread Xiaojun Wang
this patch free ddquot in qtree_write_dquot to avoid memory leak

Signed-off-by: Xiaojun Wang 
---
 fsck/quotaio_tree.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/fsck/quotaio_tree.c b/fsck/quotaio_tree.c
index ebee862..de25a60 100644
--- a/fsck/quotaio_tree.c
+++ b/fsck/quotaio_tree.c
@@ -353,6 +353,7 @@ int qtree_write_dquot(struct dquot *dquot)
if (ret != info->dqi_entry_size) {
log_err("Quota write failed (id %u): %s",
(unsigned int)dquot->dq_id, strerror(errno));
+   quota_free_mem(&ddquot);
return ret;
}
quota_free_mem(&ddquot);
-- 
2.7.4



___
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel


Re: [f2fs-dev] [PATCH V1 02/14] Consolidate "post read processing" into a new file

2019-04-23 Thread Christoph Hellwig
On Wed, Apr 24, 2019 at 10:07:18AM +0530, Chandan Rajendra wrote:
> +ifeq (y, $(firstword $(filter y,$(CONFIG_FS_ENCRYPTION) 
> $(CONFIG_FS_VERITY
> +obj-y += post_read_process.o
> +endif

Please just add a new config option selected by the users.

Also I find the file name rather cumbersome.  Maybe just
read-callbacks.[co] ?


___
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel


[f2fs-dev] [PATCH V1 09/14] ext4: Decrypt all boundary blocks when doing buffered write

2019-04-23 Thread Chandan Rajendra
With subpage sized blocks, ext4_block_write_begin() can have up to two
blocks to decrypt. Hence this commit invokes fscrypt_decrypt_page() for
each of those blocks.

Signed-off-by: Chandan Rajendra 
---
 fs/ext4/inode.c | 33 +++--
 1 file changed, 23 insertions(+), 10 deletions(-)

diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c
index 1327e04334df..51744a3c3964 100644
--- a/fs/ext4/inode.c
+++ b/fs/ext4/inode.c
@@ -1156,12 +1156,14 @@ static int ext4_block_write_begin(struct page *page, 
loff_t pos, unsigned len,
unsigned to = from + len;
struct inode *inode = page->mapping->host;
unsigned block_start, block_end;
-   sector_t block;
+   sector_t block, page_blk_nr;
int err = 0;
unsigned blocksize = inode->i_sb->s_blocksize;
unsigned bbits;
-   struct buffer_head *bh, *head, *wait[2], **wait_bh = wait;
+   struct buffer_head *bh, *head, *wait[2];
+   int nr_wait = 0;
bool decrypt = false;
+   int i;
 
BUG_ON(!PageLocked(page));
BUG_ON(from > PAGE_SIZE);
@@ -1213,25 +1215,36 @@ static int ext4_block_write_begin(struct page *page, 
loff_t pos, unsigned len,
!buffer_unwritten(bh) &&
(block_start < from || block_end > to)) {
ll_rw_block(REQ_OP_READ, 0, 1, &bh);
-   *wait_bh++ = bh;
+   wait[nr_wait++] = bh;
decrypt = IS_ENCRYPTED(inode) && S_ISREG(inode->i_mode);
}
}
/*
 * If we issued read requests, let them complete.
 */
-   while (wait_bh > wait) {
-   wait_on_buffer(*--wait_bh);
-   if (!buffer_uptodate(*wait_bh))
+   for (i = 0; i < nr_wait; i++) {
+   wait_on_buffer(wait[i]);
+   if (!buffer_uptodate(wait[i]))
err = -EIO;
}
if (unlikely(err)) {
page_zero_new_buffers(page, from, to);
} else if (decrypt) {
-   err = fscrypt_decrypt_page(page->mapping->host, page,
-   PAGE_SIZE, 0, page->index);
-   if (err)
-   clear_buffer_uptodate(*wait_bh);
+   page_blk_nr = (sector_t)page->index << (PAGE_SHIFT - bbits);
+
+   for (i = 0; i < nr_wait; i++) {
+   int err2;
+
+   block = page_blk_nr + (bh_offset(wait[i]) >> bbits);
+   err2 = fscrypt_decrypt_page(page->mapping->host, page,
+   wait[i]->b_size,
+   bh_offset(wait[i]),
+   block);
+   if (err2) {
+   clear_buffer_uptodate(wait[i]);
+   err = err2;
+   }
+   }
}
 
return err;
-- 
2.19.1



___
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel


[f2fs-dev] [PATCH V1 00/14] Consolidate Post read processing code

2019-04-23 Thread Chandan Rajendra
This patchset moves the "post read processing" code into a file of its
own (i.e. fs/post_read_process.c) and modifies the generic
do_mpage_readpge() to make use of the functionality provided.

"Post read processing" implements code to track the state machine that
needs to be executed after reading data from files that are encrypted
and/or have verity metadata associated with them.

With these changes in place, the patchset changes Ext4 to use
mpage_readpage[s] instead of its own custom ext4_readpage[s]()
functions. This is done to reduce duplicity of code across
filesystems. Also, Post read processing source files will be built
only if one of CONFIG_FS_ENCRYPTION and CONFIG_FS_VERITY is enabled.

The patchset also modifies fs/buffer.c and fscrypt functionality to
get file encryption/decryption to work with subpage-sized blocks.

The following fixes from Eric Biggers are prerequisites for this
patchset,
  fscrypt: fix race where ->lookup() marks plaintext dentry as ciphertext
  fscrypt: only set dentry_operations on ciphertext dentries
  fscrypt: clear DCACHE_ENCRYPTED_NAME when unaliasing directory
  fscrypt: fix race allowing rename() and link() of ciphertext dentries
  fscrypt: clean up and improve dentry revalidation

The patches can also be obtained from,
"https://github.com/chandanr/linux.git subpage-encryption"

Changelog:
RFC V2 -> V1:
1. Test and verify FS_CFLG_OWN_PAGES subset of fscrypt_encrypt_page()
   code by executing fstests on UBIFS.
2. Implement F2fs function call back to check if the contents of a
   page holding a verity file's data needs to be verified.

RFC V1 -> RFC V2:
1. Describe the purpose of "Post processing code" in the cover letter.
2. Fix build errors when CONFIG_FS_VERITY is enabled.

Chandan Rajendra (14):
  ext4: Clear BH_Uptodate flag on decryption error
  Consolidate "post read processing" into a new file
  fsverity: Add call back to decide if verity check has to be performed
  fsverity: Add call back to determine readpage limit
  fs/mpage.c: Integrate post read processing
  ext4: Wire up ext4_readpage[s] to use mpage_readpage[s]
  Remove the term "bio" from post read processing
  Add decryption support for sub-pagesized blocks
  ext4: Decrypt all boundary blocks when doing buffered write
  ext4: Decrypt the block that needs to be partially zeroed
  fscrypt_encrypt_page: Loop across all blocks mapped by a page range
  ext4: Compute logical block and the page range to be encrypted
  fscrypt_zeroout_range: Encrypt all zeroed out blocks of a page
  ext4: Enable encryption for subpage-sized blocks

 Documentation/filesystems/fscrypt.rst |   4 +-
 fs/Makefile   |   4 +
 fs/buffer.c   |  83 +++--
 fs/crypto/bio.c   | 111 ---
 fs/crypto/crypto.c|  73 +++--
 fs/crypto/fscrypt_private.h   |   3 +
 fs/ext4/Makefile  |   2 +-
 fs/ext4/ext4.h|   2 -
 fs/ext4/inode.c   |  47 ++-
 fs/ext4/page-io.c |   9 +-
 fs/ext4/readpage.c| 445 --
 fs/ext4/super.c   |  39 ++-
 fs/f2fs/data.c| 148 ++---
 fs/f2fs/super.c   |  15 +-
 fs/mpage.c|  51 ++-
 fs/post_read_process.c| 155 +
 fs/verity/verify.c|  12 +
 include/linux/buffer_head.h   |   1 +
 include/linux/fscrypt.h   |  20 +-
 include/linux/fsverity.h  |   2 +
 include/linux/post_read_process.h |  22 ++
 21 files changed, 516 insertions(+), 732 deletions(-)
 delete mode 100644 fs/ext4/readpage.c
 create mode 100644 fs/post_read_process.c
 create mode 100644 include/linux/post_read_process.h

-- 
2.19.1



___
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel


[f2fs-dev] [PATCH V1 08/14] Add decryption support for sub-pagesized blocks

2019-04-23 Thread Chandan Rajendra
To support decryption of sub-pagesized blocks this commit adds code to,
1. Track buffer head in "struct post_read_ctx".
2. Pass buffer head argument to all "post read" processing functions.
3. In the corresponding endio, loop across all the blocks mapped by the
   page, decrypting each block in turn.

Signed-off-by: Chandan Rajendra 
---
 fs/buffer.c   | 83 +++
 fs/crypto/bio.c   | 50 +--
 fs/crypto/crypto.c| 19 ++-
 fs/f2fs/data.c|  2 +-
 fs/mpage.c|  2 +-
 fs/post_read_process.c| 53 +---
 include/linux/buffer_head.h   |  1 +
 include/linux/post_read_process.h |  5 +-
 8 files changed, 154 insertions(+), 61 deletions(-)

diff --git a/fs/buffer.c b/fs/buffer.c
index ce357602f471..5b693d1992dd 100644
--- a/fs/buffer.c
+++ b/fs/buffer.c
@@ -45,6 +45,7 @@
 #include 
 #include 
 #include 
+#include 
 #include 
 
 static int fsync_buffers_list(spinlock_t *lock, struct list_head *list);
@@ -245,11 +246,7 @@ __find_get_block_slow(struct block_device *bdev, sector_t 
block)
return ret;
 }
 
-/*
- * I/O completion handler for block_read_full_page() - pages
- * which come unlocked at the end of I/O.
- */
-static void end_buffer_async_read(struct buffer_head *bh, int uptodate)
+void end_buffer_page_read(struct buffer_head *bh)
 {
unsigned long flags;
struct buffer_head *first;
@@ -257,17 +254,7 @@ static void end_buffer_async_read(struct buffer_head *bh, 
int uptodate)
struct page *page;
int page_uptodate = 1;
 
-   BUG_ON(!buffer_async_read(bh));
-
page = bh->b_page;
-   if (uptodate) {
-   set_buffer_uptodate(bh);
-   } else {
-   clear_buffer_uptodate(bh);
-   buffer_io_error(bh, ", async page read");
-   SetPageError(page);
-   }
-
/*
 * Be _very_ careful from here on. Bad things can happen if
 * two buffer heads end IO at almost the same time and both
@@ -305,6 +292,44 @@ static void end_buffer_async_read(struct buffer_head *bh, 
int uptodate)
local_irq_restore(flags);
return;
 }
+EXPORT_SYMBOL(end_buffer_page_read);
+
+/*
+ * I/O completion handler for block_read_full_page() - pages
+ * which come unlocked at the end of I/O.
+ */
+static void end_buffer_async_read(struct buffer_head *bh, int uptodate)
+{
+   struct page *page;
+
+   BUG_ON(!buffer_async_read(bh));
+
+#if defined(CONFIG_FS_ENCRYPTION) || defined(CONFIG_FS_VERITY)
+   if (uptodate && bh->b_private) {
+   struct post_read_ctx *ctx = bh->b_private;
+
+   post_read_processing(ctx);
+   return;
+   }
+
+   if (bh->b_private) {
+   struct post_read_ctx *ctx = bh->b_private;
+
+   WARN_ON(uptodate);
+   put_post_read_ctx(ctx);
+   }
+#endif
+   page = bh->b_page;
+   if (uptodate) {
+   set_buffer_uptodate(bh);
+   } else {
+   clear_buffer_uptodate(bh);
+   buffer_io_error(bh, ", async page read");
+   SetPageError(page);
+   }
+
+   end_buffer_page_read(bh);
+}
 
 /*
  * Completion handler for block_write_full_page() - pages which are unlocked
@@ -2220,7 +2245,11 @@ int block_read_full_page(struct page *page, get_block_t 
*get_block)
 {
struct inode *inode = page->mapping->host;
sector_t iblock, lblock;
-   struct buffer_head *bh, *head, *arr[MAX_BUF_PER_PAGE];
+   struct buffer_head *bh, *head;
+   struct {
+   sector_t blk_nr;
+   struct buffer_head *bh;
+   } arr[MAX_BUF_PER_PAGE];
unsigned int blocksize, bbits;
int nr, i;
int fully_mapped = 1;
@@ -2262,7 +2291,9 @@ int block_read_full_page(struct page *page, get_block_t 
*get_block)
if (buffer_uptodate(bh))
continue;
}
-   arr[nr++] = bh;
+   arr[nr].blk_nr = iblock;
+   arr[nr].bh = bh;
+   ++nr;
} while (i++, iblock++, (bh = bh->b_this_page) != head);
 
if (fully_mapped)
@@ -2281,7 +2312,7 @@ int block_read_full_page(struct page *page, get_block_t 
*get_block)
 
/* Stage two: lock the buffers */
for (i = 0; i < nr; i++) {
-   bh = arr[i];
+   bh = arr[i].bh;
lock_buffer(bh);
mark_buffer_async_read(bh);
}
@@ -2292,11 +2323,21 @@ int block_read_full_page(struct page *page, get_block_t 
*get_block)
 * the underlying blockdev brought it uptodate (the sct fix).
 */
for (i = 0; i < nr; i++) {
-   bh = arr[i];
-   if (buffer_uptodate(bh))
+   bh = arr[i].bh;
+   if (buffer_uptodate(bh)) {
end_buffer_async_read(bh, 1);
-   

[f2fs-dev] [PATCH V1 11/14] fscrypt_encrypt_page: Loop across all blocks mapped by a page range

2019-04-23 Thread Chandan Rajendra
For subpage-sized blocks, this commit now encrypts all blocks mapped by
a page range.

Signed-off-by: Chandan Rajendra 
---
 fs/crypto/crypto.c | 37 +
 1 file changed, 25 insertions(+), 12 deletions(-)

diff --git a/fs/crypto/crypto.c b/fs/crypto/crypto.c
index 4f0d832cae71..2d65b431563f 100644
--- a/fs/crypto/crypto.c
+++ b/fs/crypto/crypto.c
@@ -242,18 +242,26 @@ struct page *fscrypt_encrypt_page(const struct inode 
*inode,
 {
struct fscrypt_ctx *ctx;
struct page *ciphertext_page = page;
+   int i, page_nr_blks;
int err;
 
BUG_ON(len % FS_CRYPTO_BLOCK_SIZE != 0);
 
+   page_nr_blks = len >> inode->i_blkbits;
+
if (inode->i_sb->s_cop->flags & FS_CFLG_OWN_PAGES) {
/* with inplace-encryption we just encrypt the page */
-   err = fscrypt_do_page_crypto(inode, FS_ENCRYPT, lblk_num, page,
-ciphertext_page, len, offs,
-gfp_flags);
-   if (err)
-   return ERR_PTR(err);
-
+   for (i = 0; i < page_nr_blks; i++) {
+   err = fscrypt_do_page_crypto(inode, FS_ENCRYPT,
+   lblk_num, page,
+   ciphertext_page,
+   i_blocksize(inode), offs,
+   gfp_flags);
+   if (err)
+   return ERR_PTR(err);
+   ++lblk_num;
+   offs += i_blocksize(inode);
+   }
return ciphertext_page;
}
 
@@ -269,12 +277,17 @@ struct page *fscrypt_encrypt_page(const struct inode 
*inode,
goto errout;
 
ctx->control_page = page;
-   err = fscrypt_do_page_crypto(inode, FS_ENCRYPT, lblk_num,
-page, ciphertext_page, len, offs,
-gfp_flags);
-   if (err) {
-   ciphertext_page = ERR_PTR(err);
-   goto errout;
+
+   for (i = 0; i < page_nr_blks; i++) {
+   err = fscrypt_do_page_crypto(inode, FS_ENCRYPT, lblk_num,
+   page, ciphertext_page,
+   i_blocksize(inode), offs, gfp_flags);
+   if (err) {
+   ciphertext_page = ERR_PTR(err);
+   goto errout;
+   }
+   ++lblk_num;
+   offs += i_blocksize(inode);
}
SetPagePrivate(ciphertext_page);
set_page_private(ciphertext_page, (unsigned long)ctx);
-- 
2.19.1



___
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel


[f2fs-dev] [PATCH V1 14/14] ext4: Enable encryption for subpage-sized blocks

2019-04-23 Thread Chandan Rajendra
Now that we have the code to support encryption for subpage-sized
blocks, this commit removes the conditional check in filesystem mount
code.

The commit also changes the support statement in
Documentation/filesystems/fscrypt.rst to reflect the fact that
encryption of filesystems with blocksize less than page size now works.

Signed-off-by: Chandan Rajendra 
---
 Documentation/filesystems/fscrypt.rst | 4 ++--
 fs/ext4/super.c   | 7 ---
 2 files changed, 2 insertions(+), 9 deletions(-)

diff --git a/Documentation/filesystems/fscrypt.rst 
b/Documentation/filesystems/fscrypt.rst
index 08c23b60e016..ff2fea121da9 100644
--- a/Documentation/filesystems/fscrypt.rst
+++ b/Documentation/filesystems/fscrypt.rst
@@ -213,8 +213,8 @@ Contents encryption
 ---
 
 For file contents, each filesystem block is encrypted independently.
-Currently, only the case where the filesystem block size is equal to
-the system's page size (usually 4096 bytes) is supported.
+Starting from Linux kernel 5.3, encryption of filesystems with block
+size less than system's page size is supported.
 
 Each block's IV is set to the logical block number within the file as
 a little endian number, except that:
diff --git a/fs/ext4/super.c b/fs/ext4/super.c
index 8e483afbaa2e..4acfefa98ec5 100644
--- a/fs/ext4/super.c
+++ b/fs/ext4/super.c
@@ -4432,13 +4432,6 @@ static int ext4_fill_super(struct super_block *sb, void 
*data, int silent)
}
}
 
-   if ((DUMMY_ENCRYPTION_ENABLED(sbi) || ext4_has_feature_encrypt(sb)) &&
-   (blocksize != PAGE_SIZE)) {
-   ext4_msg(sb, KERN_ERR,
-"Unsupported blocksize for fs encryption");
-   goto failed_mount_wq;
-   }
-
if (DUMMY_ENCRYPTION_ENABLED(sbi) && !sb_rdonly(sb) &&
!ext4_has_feature_encrypt(sb)) {
ext4_set_feature_encrypt(sb);
-- 
2.19.1



___
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel


[f2fs-dev] [PATCH V1 12/14] ext4: Compute logical block and the page range to be encrypted

2019-04-23 Thread Chandan Rajendra
For subpage-sized blocks, the initial logical block number mapped by a
page can be different from page->index. Hence this commit adds code to
compute the first logical block mapped by the page and also the page
range to be encrypted.

Signed-off-by: Chandan Rajendra 
---
 fs/ext4/page-io.c | 9 +++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/fs/ext4/page-io.c b/fs/ext4/page-io.c
index 3e9298e6a705..75485ee9e800 100644
--- a/fs/ext4/page-io.c
+++ b/fs/ext4/page-io.c
@@ -418,6 +418,7 @@ int ext4_bio_write_page(struct ext4_io_submit *io,
 {
struct page *data_page = NULL;
struct inode *inode = page->mapping->host;
+   u64 page_blk;
unsigned block_start;
struct buffer_head *bh, *head;
int ret = 0;
@@ -478,10 +479,14 @@ int ext4_bio_write_page(struct ext4_io_submit *io,
 
if (IS_ENCRYPTED(inode) && S_ISREG(inode->i_mode) && nr_to_submit) {
gfp_t gfp_flags = GFP_NOFS;
+   unsigned int page_bytes;
+
+   page_bytes = round_up(len, i_blocksize(inode));
+   page_blk = page->index << (PAGE_SHIFT - inode->i_blkbits);
 
retry_encrypt:
-   data_page = fscrypt_encrypt_page(inode, page, PAGE_SIZE, 0,
-   page->index, gfp_flags);
+   data_page = fscrypt_encrypt_page(inode, page, page_bytes, 0,
+   page_blk, gfp_flags);
if (IS_ERR(data_page)) {
ret = PTR_ERR(data_page);
if (ret == -ENOMEM && wbc->sync_mode == WB_SYNC_ALL) {
-- 
2.19.1



___
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel


[f2fs-dev] [PATCH V1 13/14] fscrypt_zeroout_range: Encrypt all zeroed out blocks of a page

2019-04-23 Thread Chandan Rajendra
For subpage-sized blocks, this commit adds code to encrypt all zeroed
out blocks mapped by a page.

Signed-off-by: Chandan Rajendra 
---
 fs/crypto/bio.c | 40 ++--
 1 file changed, 18 insertions(+), 22 deletions(-)

diff --git a/fs/crypto/bio.c b/fs/crypto/bio.c
index 1fd063082bbb..b521cd862a1c 100644
--- a/fs/crypto/bio.c
+++ b/fs/crypto/bio.c
@@ -108,29 +108,23 @@ EXPORT_SYMBOL(fscrypt_pullback_bio_page);
 int fscrypt_zeroout_range(const struct inode *inode, pgoff_t lblk,
sector_t pblk, unsigned int len)
 {
-   struct fscrypt_ctx *ctx;
struct page *ciphertext_page = NULL;
struct bio *bio;
+   u64 total_bytes, page_bytes;
int ret, err = 0;
 
-   BUG_ON(inode->i_sb->s_blocksize != PAGE_SIZE);
-
-   ctx = fscrypt_get_ctx(inode, GFP_NOFS);
-   if (IS_ERR(ctx))
-   return PTR_ERR(ctx);
+   total_bytes = len << inode->i_blkbits;
 
-   ciphertext_page = fscrypt_alloc_bounce_page(ctx, GFP_NOWAIT);
-   if (IS_ERR(ciphertext_page)) {
-   err = PTR_ERR(ciphertext_page);
-   goto errout;
-   }
+   while (total_bytes) {
+   page_bytes = min_t(u64, total_bytes, PAGE_SIZE);
 
-   while (len--) {
-   err = fscrypt_do_page_crypto(inode, FS_ENCRYPT, lblk,
-ZERO_PAGE(0), ciphertext_page,
-PAGE_SIZE, 0, GFP_NOFS);
-   if (err)
+   ciphertext_page = fscrypt_encrypt_page(inode, ZERO_PAGE(0),
+   page_bytes, 0, lblk, GFP_NOFS);
+   if (IS_ERR(ciphertext_page)) {
+   err = PTR_ERR(ciphertext_page);
+   ciphertext_page = NULL;
goto errout;
+   }
 
bio = bio_alloc(GFP_NOWAIT, 1);
if (!bio) {
@@ -141,9 +135,8 @@ int fscrypt_zeroout_range(const struct inode *inode, 
pgoff_t lblk,
bio->bi_iter.bi_sector =
pblk << (inode->i_sb->s_blocksize_bits - 9);
bio_set_op_attrs(bio, REQ_OP_WRITE, 0);
-   ret = bio_add_page(bio, ciphertext_page,
-   inode->i_sb->s_blocksize, 0);
-   if (ret != inode->i_sb->s_blocksize) {
+   ret = bio_add_page(bio, ciphertext_page, page_bytes, 0);
+   if (ret != page_bytes) {
/* should never happen! */
WARN_ON(1);
bio_put(bio);
@@ -156,12 +149,15 @@ int fscrypt_zeroout_range(const struct inode *inode, 
pgoff_t lblk,
bio_put(bio);
if (err)
goto errout;
-   lblk++;
-   pblk++;
+
+   lblk += page_bytes >> inode->i_blkbits;
+   pblk += page_bytes >> inode->i_blkbits;
+   total_bytes -= page_bytes;
}
err = 0;
 errout:
-   fscrypt_release_ctx(ctx);
+   if (!IS_ERR_OR_NULL(ciphertext_page))
+   fscrypt_restore_control_page(ciphertext_page);
return err;
 }
 EXPORT_SYMBOL(fscrypt_zeroout_range);
-- 
2.19.1



___
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel


[f2fs-dev] [PATCH V1 04/14] fsverity: Add call back to determine readpage limit

2019-04-23 Thread Chandan Rajendra
Ext4 and F2FS store verity metadata beyond i_size. This commit adds a
call back pointer to "struct fsverity_operations" which helps in
determining the the real file size limit upto which data can be read
from the file.

This call back will be required in order to get do_mpage_readpage()
to read files having verity metadata appended beyond i_size.

Signed-off-by: Chandan Rajendra 
---
 fs/ext4/super.c  | 17 +
 include/linux/fsverity.h |  1 +
 2 files changed, 18 insertions(+)

diff --git a/fs/ext4/super.c b/fs/ext4/super.c
index 63d73b360f1d..8e483afbaa2e 100644
--- a/fs/ext4/super.c
+++ b/fs/ext4/super.c
@@ -1428,6 +1428,22 @@ static struct page 
*ext4_read_verity_metadata_page(struct inode *inode,
return read_mapping_page(inode->i_mapping, index, NULL);
 }
 
+static loff_t ext4_readpage_limit(struct inode *inode)
+{
+   if (IS_VERITY(inode)) {
+   if (inode->i_verity_info)
+   /* limit to end of metadata region */
+   return fsverity_full_i_size(inode);
+   /*
+* fsverity_info is currently being set up and no user reads are
+* allowed yet.  It's easiest to just not enforce a limit yet.
+*/
+   return inode->i_sb->s_maxbytes;
+   }
+
+   return i_size_read(inode);
+}
+
 static bool ext4_verity_required(struct inode *inode, pgoff_t index)
 {
return index < (i_size_read(inode) + PAGE_SIZE - 1) >> PAGE_SHIFT;
@@ -1438,6 +1454,7 @@ static const struct fsverity_operations ext4_verityops = {
.get_metadata_end   = ext4_get_verity_metadata_end,
.read_metadata_page = ext4_read_verity_metadata_page,
.verity_required= ext4_verity_required,
+   .readpage_limit = ext4_readpage_limit,
 };
 #endif /* CONFIG_FS_VERITY */
 
diff --git a/include/linux/fsverity.h b/include/linux/fsverity.h
index b83712d6c79a..fc8113acbbfe 100644
--- a/include/linux/fsverity.h
+++ b/include/linux/fsverity.h
@@ -19,6 +19,7 @@ struct fsverity_operations {
int (*get_metadata_end)(struct inode *inode, loff_t *metadata_end_ret);
struct page *(*read_metadata_page)(struct inode *inode, pgoff_t index);
bool (*verity_required)(struct inode *inode, pgoff_t index);
+   loff_t (*readpage_limit)(struct inode *inode);
 };
 
 #ifdef CONFIG_FS_VERITY
-- 
2.19.1



___
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel


[f2fs-dev] [PATCH V1 02/14] Consolidate "post read processing" into a new file

2019-04-23 Thread Chandan Rajendra
The post read processing code is used by both Ext4 and F2FS. Hence to
remove duplicity, this commit moves the code into
include/linux/post_read_process.h and fs/post_read_process.c.

The corresponding decrypt and verity "work" functions have been moved
inside fscrypt and fsverity sources. With these in place, the post
processing code now has to just invoke enqueue functions provided by
fscrypt and fsverity.

Signed-off-by: Chandan Rajendra 
---
 fs/Makefile   |   4 +
 fs/crypto/bio.c   |  23 ++--
 fs/crypto/crypto.c|  17 +--
 fs/crypto/fscrypt_private.h   |   3 +
 fs/ext4/ext4.h|   2 -
 fs/ext4/readpage.c| 175 --
 fs/ext4/super.c   |   9 +-
 fs/f2fs/data.c| 146 -
 fs/f2fs/super.c   |   9 +-
 fs/post_read_process.c| 136 +++
 fs/verity/verify.c|  12 ++
 include/linux/fscrypt.h   |  20 +---
 include/linux/post_read_process.h |  21 
 13 files changed, 240 insertions(+), 337 deletions(-)
 create mode 100644 fs/post_read_process.c
 create mode 100644 include/linux/post_read_process.h

diff --git a/fs/Makefile b/fs/Makefile
index 9dd2186e74b5..f9abc3f71d3c 100644
--- a/fs/Makefile
+++ b/fs/Makefile
@@ -21,6 +21,10 @@ else
 obj-y +=   no-block.o
 endif
 
+ifeq (y, $(firstword $(filter y,$(CONFIG_FS_ENCRYPTION) $(CONFIG_FS_VERITY
+obj-y +=   post_read_process.o
+endif
+
 obj-$(CONFIG_PROC_FS) += proc_namespace.o
 
 obj-y  += notify/
diff --git a/fs/crypto/bio.c b/fs/crypto/bio.c
index 5759bcd018cd..3e40d65ae6a8 100644
--- a/fs/crypto/bio.c
+++ b/fs/crypto/bio.c
@@ -24,6 +24,8 @@
 #include 
 #include 
 #include 
+#include 
+
 #include "fscrypt_private.h"
 
 static void __fscrypt_decrypt_bio(struct bio *bio, bool done)
@@ -54,24 +56,15 @@ void fscrypt_decrypt_bio(struct bio *bio)
 }
 EXPORT_SYMBOL(fscrypt_decrypt_bio);
 
-static void completion_pages(struct work_struct *work)
+void fscrypt_decrypt_work(struct work_struct *work)
 {
-   struct fscrypt_ctx *ctx =
-   container_of(work, struct fscrypt_ctx, r.work);
-   struct bio *bio = ctx->r.bio;
+   struct bio_post_read_ctx *ctx =
+   container_of(work, struct bio_post_read_ctx, work);
 
-   __fscrypt_decrypt_bio(bio, true);
-   fscrypt_release_ctx(ctx);
-   bio_put(bio);
-}
+   fscrypt_decrypt_bio(ctx->bio);
 
-void fscrypt_enqueue_decrypt_bio(struct fscrypt_ctx *ctx, struct bio *bio)
-{
-   INIT_WORK(&ctx->r.work, completion_pages);
-   ctx->r.bio = bio;
-   fscrypt_enqueue_decrypt_work(&ctx->r.work);
+   bio_post_read_processing(ctx);
 }
-EXPORT_SYMBOL(fscrypt_enqueue_decrypt_bio);
 
 void fscrypt_pullback_bio_page(struct page **page, bool restore)
 {
@@ -87,7 +80,7 @@ void fscrypt_pullback_bio_page(struct page **page, bool 
restore)
ctx = (struct fscrypt_ctx *)page_private(bounce_page);
 
/* restore control page */
-   *page = ctx->w.control_page;
+   *page = ctx->control_page;
 
if (restore)
fscrypt_restore_control_page(bounce_page);
diff --git a/fs/crypto/crypto.c b/fs/crypto/crypto.c
index 3fc84bf2b1e5..ffa9302a7351 100644
--- a/fs/crypto/crypto.c
+++ b/fs/crypto/crypto.c
@@ -53,6 +53,7 @@ struct kmem_cache *fscrypt_info_cachep;
 
 void fscrypt_enqueue_decrypt_work(struct work_struct *work)
 {
+   INIT_WORK(work, fscrypt_decrypt_work);
queue_work(fscrypt_read_workqueue, work);
 }
 EXPORT_SYMBOL(fscrypt_enqueue_decrypt_work);
@@ -70,11 +71,11 @@ void fscrypt_release_ctx(struct fscrypt_ctx *ctx)
 {
unsigned long flags;
 
-   if (ctx->flags & FS_CTX_HAS_BOUNCE_BUFFER_FL && ctx->w.bounce_page) {
-   mempool_free(ctx->w.bounce_page, fscrypt_bounce_page_pool);
-   ctx->w.bounce_page = NULL;
+   if (ctx->flags & FS_CTX_HAS_BOUNCE_BUFFER_FL && ctx->bounce_page) {
+   mempool_free(ctx->bounce_page, fscrypt_bounce_page_pool);
+   ctx->bounce_page = NULL;
}
-   ctx->w.control_page = NULL;
+   ctx->control_page = NULL;
if (ctx->flags & FS_CTX_REQUIRES_FREE_ENCRYPT_FL) {
kmem_cache_free(fscrypt_ctx_cachep, ctx);
} else {
@@ -194,11 +195,11 @@ int fscrypt_do_page_crypto(const struct inode *inode, 
fscrypt_direction_t rw,
 struct page *fscrypt_alloc_bounce_page(struct fscrypt_ctx *ctx,
   gfp_t gfp_flags)
 {
-   ctx->w.bounce_page = mempool_alloc(fscrypt_bounce_page_pool, gfp_flags);
-   if (ctx->w.bounce_page == NULL)
+   ctx->bounce_page = mempool_alloc(fscrypt_bounce_page_pool, gfp_flags);
+   if (ctx->bounce_page == NULL)
return ERR_PTR(-ENOMEM);
ctx->flags |= FS_CTX_HAS_BOUNCE_BUFFER_FL;
-   return ctx->w.bounce_page;
+   return ctx->bounce_page;
 }
 
 /**
@@ -267,7 

[f2fs-dev] [PATCH V1 06/14] ext4: Wire up ext4_readpage[s] to use mpage_readpage[s]

2019-04-23 Thread Chandan Rajendra
Now that do_mpage_readpage() is "post read process" aware, this commit
gets ext4_readpage[s] to use mpage_readpage[s] and deletes ext4's
readpage.c since the associated functionality is not required anymore.

Signed-off-by: Chandan Rajendra 
---
 fs/ext4/Makefile   |   2 +-
 fs/ext4/inode.c|   5 +-
 fs/ext4/readpage.c | 314 -
 3 files changed, 3 insertions(+), 318 deletions(-)
 delete mode 100644 fs/ext4/readpage.c

diff --git a/fs/ext4/Makefile b/fs/ext4/Makefile
index 8fdfcd3c3e04..7c38803a808d 100644
--- a/fs/ext4/Makefile
+++ b/fs/ext4/Makefile
@@ -8,7 +8,7 @@ obj-$(CONFIG_EXT4_FS) += ext4.o
 ext4-y := balloc.o bitmap.o block_validity.o dir.o ext4_jbd2.o extents.o \
extents_status.o file.o fsmap.o fsync.o hash.o ialloc.o \
indirect.o inline.o inode.o ioctl.o mballoc.o migrate.o \
-   mmp.o move_extent.o namei.o page-io.o readpage.o resize.o \
+   mmp.o move_extent.o namei.o page-io.o resize.o \
super.o symlink.o sysfs.o xattr.o xattr_trusted.o xattr_user.o
 
 ext4-$(CONFIG_EXT4_FS_POSIX_ACL)   += acl.o
diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c
index 05b258db8673..1327e04334df 100644
--- a/fs/ext4/inode.c
+++ b/fs/ext4/inode.c
@@ -3353,8 +3353,7 @@ static int ext4_readpage(struct file *file, struct page 
*page)
ret = ext4_readpage_inline(inode, page);
 
if (ret == -EAGAIN)
-   return ext4_mpage_readpages(page->mapping, NULL, page, 1,
-   false);
+   return mpage_readpage(page, ext4_get_block);
 
return ret;
 }
@@ -3369,7 +3368,7 @@ ext4_readpages(struct file *file, struct address_space 
*mapping,
if (ext4_has_inline_data(inode))
return 0;
 
-   return ext4_mpage_readpages(mapping, pages, NULL, nr_pages, true);
+   return mpage_readpages(mapping, pages, nr_pages, ext4_get_block);
 }
 
 static void ext4_invalidatepage(struct page *page, unsigned int offset,
diff --git a/fs/ext4/readpage.c b/fs/ext4/readpage.c
deleted file mode 100644
index 319deffbc105..
--- a/fs/ext4/readpage.c
+++ /dev/null
@@ -1,314 +0,0 @@
-// SPDX-License-Identifier: GPL-2.0
-/*
- * linux/fs/ext4/readpage.c
- *
- * Copyright (C) 2002, Linus Torvalds.
- * Copyright (C) 2015, Google, Inc.
- *
- * This was originally taken from fs/mpage.c
- *
- * The intent is the ext4_mpage_readpages() function here is intended
- * to replace mpage_readpages() in the general case, not just for
- * encrypted files.  It has some limitations (see below), where it
- * will fall back to read_block_full_page(), but these limitations
- * should only be hit when page_size != block_size.
- *
- * This will allow us to attach a callback function to support ext4
- * encryption.
- *
- * If anything unusual happens, such as:
- *
- * - encountering a page which has buffers
- * - encountering a page which has a non-hole after a hole
- * - encountering a page with non-contiguous blocks
- *
- * then this code just gives up and calls the buffer_head-based read function.
- * It does handle a page which has holes at the end - that is a common case:
- * the end-of-file on blocksize < PAGE_SIZE setups.
- *
- */
-
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-
-#include "ext4.h"
-
-static inline bool ext4_bio_encrypted(struct bio *bio)
-{
-#ifdef CONFIG_FS_ENCRYPTION
-   return unlikely(bio->bi_private != NULL);
-#else
-   return false;
-#endif
-}
-
-/*
- * I/O completion handler for multipage BIOs.
- *
- * The mpage code never puts partial pages into a BIO (except for end-of-file).
- * If a page does not map to a contiguous run of blocks then it simply falls
- * back to block_read_full_page().
- *
- * Why is this?  If a page's completion depends on a number of different BIOs
- * which can complete in any order (or at the same time) then determining the
- * status of that page is hard.  See end_buffer_async_read() for the details.
- * There is no point in duplicating all that complexity.
- */
-static void mpage_end_io(struct bio *bio)
-{
-   struct bio_vec *bv;
-   int i;
-   struct bvec_iter_all iter_all;
-#if defined(CONFIG_FS_ENCRYPTION) || defined(CONFIG_FS_VERITY)
-   if (bio_post_read_required(bio)) {
-   struct bio_post_read_ctx *ctx = bio->bi_private;
-
-   bio_post_read_processing(ctx);
-   return;
-   }
-#endif
-   bio_for_each_segment_all(bv, bio, i, iter_all) {
-   struct page *page = bv->bv_page;
-
-   if (!bio->bi_status) {
-   SetPageUptodate(page);
-   } else {
-   ClearPageUptodate(page);
-   SetPageError(page);
-   }
-   unlock_page(page);
-   }
-
-   bio_put

[f2fs-dev] [PATCH V1 05/14] fs/mpage.c: Integrate post read processing

2019-04-23 Thread Chandan Rajendra
This commit adds code to make do_mpage_readpage() to be "post read
processing" aware i.e. for files requiring decryption/verification,
do_mpage_readpage() now allocates a context structure and assigns the
corresponding pointer to bio->bi_private. At endio time, a non-zero
bio->bi_private indicates that after the read operation is performed, the
bio's payload needs to be processed further before handing over the data
to user space.

The context structure is used for tracking the state machine associated
with post read processing.

Signed-off-by: Chandan Rajendra 
---
 fs/mpage.c | 51 ---
 1 file changed, 48 insertions(+), 3 deletions(-)

diff --git a/fs/mpage.c b/fs/mpage.c
index 3f19da75178b..9c291d6ddab6 100644
--- a/fs/mpage.c
+++ b/fs/mpage.c
@@ -30,6 +30,10 @@
 #include 
 #include 
 #include 
+#include 
+#if defined(CONFIG_FS_ENCRYPTION) || defined(CONFIG_FS_VERITY)
+#include 
+#endif
 #include "internal.h"
 
 /*
@@ -50,6 +54,20 @@ static void mpage_end_io(struct bio *bio)
int i;
struct bvec_iter_all iter_all;
 
+#if defined(CONFIG_FS_ENCRYPTION) || defined(CONFIG_FS_VERITY)
+   if (!bio->bi_status && bio->bi_private) {
+   struct bio_post_read_ctx *ctx;
+
+   ctx = bio->bi_private;
+
+   bio_post_read_processing(ctx);
+   return;
+   }
+
+   if (bio->bi_private)
+   put_bio_post_read_ctx((struct bio_post_read_ctx 
*)(bio->bi_private));
+#endif
+
bio_for_each_segment_all(bv, bio, i, iter_all) {
struct page *page = bv->bv_page;
page_endio(page, bio_op(bio),
@@ -189,7 +207,13 @@ static struct bio *do_mpage_readpage(struct 
mpage_readpage_args *args)
 
block_in_file = (sector_t)page->index << (PAGE_SHIFT - blkbits);
last_block = block_in_file + args->nr_pages * blocks_per_page;
-   last_block_in_file = (i_size_read(inode) + blocksize - 1) >> blkbits;
+#ifdef CONFIG_FS_VERITY
+   if (IS_VERITY(inode) && inode->i_sb->s_vop->readpage_limit)
+   last_block_in_file = inode->i_sb->s_vop->readpage_limit(inode);
+   else
+#endif
+   last_block_in_file = (i_size_read(inode) + blocksize - 1)
+   >> blkbits;
if (last_block > last_block_in_file)
last_block = last_block_in_file;
page_block = 0;
@@ -277,6 +301,14 @@ static struct bio *do_mpage_readpage(struct 
mpage_readpage_args *args)
if (first_hole != blocks_per_page) {
zero_user_segment(page, first_hole << blkbits, PAGE_SIZE);
if (first_hole == 0) {
+#ifdef CONFIG_FS_VERITY
+   if (IS_VERITY(inode)) {
+   if (!fsverity_check_hole(inode, page)) {
+   SetPageError(page);
+   goto confused;
+   }
+   }
+#endif
SetPageUptodate(page);
unlock_page(page);
goto out;
@@ -299,7 +331,11 @@ static struct bio *do_mpage_readpage(struct 
mpage_readpage_args *args)
 
 alloc_new:
if (args->bio == NULL) {
-   if (first_hole == blocks_per_page) {
+#if defined(CONFIG_FS_ENCRYPTION) || defined(CONFIG_FS_VERITY)
+   struct bio_post_read_ctx *ctx;
+#endif
+   if (first_hole == blocks_per_page
+   && !(IS_ENCRYPTED(inode) || IS_VERITY(inode))) {
if (!bdev_read_page(bdev, blocks[0] << (blkbits - 9),
page))
goto out;
@@ -310,6 +346,15 @@ static struct bio *do_mpage_readpage(struct 
mpage_readpage_args *args)
gfp);
if (args->bio == NULL)
goto confused;
+
+#if defined(CONFIG_FS_ENCRYPTION) || defined(CONFIG_FS_VERITY)
+   ctx = get_bio_post_read_ctx(inode, args->bio, page->index);
+   if (IS_ERR(ctx)) {
+   bio_put(args->bio);
+   args->bio = NULL;
+   goto confused;
+   }
+#endif
}
 
length = first_hole << blkbits;
@@ -331,7 +376,7 @@ static struct bio *do_mpage_readpage(struct 
mpage_readpage_args *args)
 confused:
if (args->bio)
args->bio = mpage_bio_submit(REQ_OP_READ, op_flags, args->bio);
-   if (!PageUptodate(page))
+   if (!PageUptodate(page) && !PageError(page))
block_read_full_page(page, args->get_block);
else
unlock_page(page);
-- 
2.19.1



___
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel


[f2fs-dev] [PATCH V1 10/14] ext4: Decrypt the block that needs to be partially zeroed

2019-04-23 Thread Chandan Rajendra
__ext4_block_zero_page_range decrypts the entire page. This commit
decrypts the block to be partially zeroed instead of the whole page.

Signed-off-by: Chandan Rajendra 
---
 fs/ext4/inode.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c
index 51744a3c3964..ade1816697a8 100644
--- a/fs/ext4/inode.c
+++ b/fs/ext4/inode.c
@@ -4080,9 +4080,10 @@ static int __ext4_block_zero_page_range(handle_t *handle,
if (S_ISREG(inode->i_mode) && IS_ENCRYPTED(inode)) {
/* We expect the key to be set. */
BUG_ON(!fscrypt_has_encryption_key(inode));
-   BUG_ON(blocksize != PAGE_SIZE);
WARN_ON_ONCE(fscrypt_decrypt_page(page->mapping->host,
-   page, PAGE_SIZE, 0, 
page->index));
+   page, blocksize,
+   round_down(offset, 
blocksize),
+   iblock));
}
}
if (ext4_should_journal_data(inode)) {
-- 
2.19.1



___
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel


[f2fs-dev] [PATCH V1 03/14] fsverity: Add call back to decide if verity check has to be performed

2019-04-23 Thread Chandan Rajendra
Ext4 and F2FS store verity metadata in data extents (beyond
inode->i_size) associated with a file. But other filesystems might
choose alternative means to store verity metadata. Hence this commit
adds a callback function pointer to 'struct fsverity_operations' to help
in deciding if verity operation needs to performed against a page-cache
page holding file data.

Signed-off-by: Chandan Rajendra 
---
 fs/ext4/super.c  | 6 ++
 fs/f2fs/super.c  | 6 ++
 fs/post_read_process.c   | 4 +++-
 include/linux/fsverity.h | 1 +
 4 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/fs/ext4/super.c b/fs/ext4/super.c
index aba724f82cc3..63d73b360f1d 100644
--- a/fs/ext4/super.c
+++ b/fs/ext4/super.c
@@ -1428,10 +1428,16 @@ static struct page 
*ext4_read_verity_metadata_page(struct inode *inode,
return read_mapping_page(inode->i_mapping, index, NULL);
 }
 
+static bool ext4_verity_required(struct inode *inode, pgoff_t index)
+{
+   return index < (i_size_read(inode) + PAGE_SIZE - 1) >> PAGE_SHIFT;
+}
+
 static const struct fsverity_operations ext4_verityops = {
.set_verity = ext4_set_verity,
.get_metadata_end   = ext4_get_verity_metadata_end,
.read_metadata_page = ext4_read_verity_metadata_page,
+   .verity_required= ext4_verity_required,
 };
 #endif /* CONFIG_FS_VERITY */
 
diff --git a/fs/f2fs/super.c b/fs/f2fs/super.c
index 2f75f06c784a..cd1299e1f92d 100644
--- a/fs/f2fs/super.c
+++ b/fs/f2fs/super.c
@@ -2257,10 +2257,16 @@ static struct page 
*f2fs_read_verity_metadata_page(struct inode *inode,
return read_mapping_page(inode->i_mapping, index, NULL);
 }
 
+static bool f2fs_verity_required(struct inode *inode, pgoff_t index)
+{
+   return index < (i_size_read(inode) + PAGE_SIZE - 1) >> PAGE_SHIFT;
+}
+
 static const struct fsverity_operations f2fs_verityops = {
.set_verity = f2fs_set_verity,
.get_metadata_end   = f2fs_get_verity_metadata_end,
.read_metadata_page = f2fs_read_verity_metadata_page,
+   .verity_required= f2fs_verity_required,
 };
 #endif /* CONFIG_FS_VERITY */
 
diff --git a/fs/post_read_process.c b/fs/post_read_process.c
index d203fc263091..b60be77c7217 100644
--- a/fs/post_read_process.c
+++ b/fs/post_read_process.c
@@ -86,7 +86,9 @@ struct bio_post_read_ctx *get_bio_post_read_ctx(struct inode 
*inode,
post_read_steps |= 1 << STEP_DECRYPT;
 #ifdef CONFIG_FS_VERITY
if (inode->i_verity_info != NULL &&
-   (index < ((i_size_read(inode) + PAGE_SIZE - 1) >> PAGE_SHIFT)))
+   ((inode->i_sb->s_vop->verity_required
+   && inode->i_sb->s_vop->verity_required(inode, index))
+   || (inode->i_sb->s_vop->verity_required == NULL)))
post_read_steps |= 1 << STEP_VERITY;
 #endif
if (post_read_steps) {
diff --git a/include/linux/fsverity.h b/include/linux/fsverity.h
index 7c33b42abf1b..b83712d6c79a 100644
--- a/include/linux/fsverity.h
+++ b/include/linux/fsverity.h
@@ -18,6 +18,7 @@ struct fsverity_operations {
int (*set_verity)(struct inode *inode, loff_t data_i_size);
int (*get_metadata_end)(struct inode *inode, loff_t *metadata_end_ret);
struct page *(*read_metadata_page)(struct inode *inode, pgoff_t index);
+   bool (*verity_required)(struct inode *inode, pgoff_t index);
 };
 
 #ifdef CONFIG_FS_VERITY
-- 
2.19.1



___
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel


[f2fs-dev] [PATCH V1 07/14] Remove the term "bio" from post read processing

2019-04-23 Thread Chandan Rajendra
For block size < page size, apart from handling bios, post read
processing needs to handle buffer heads. Hence this commit removes the
term "bio" from the identifiers associated with post read processing.

Signed-off-by: Chandan Rajendra 
---
 fs/crypto/bio.c   |  6 ++--
 fs/f2fs/data.c| 10 +++---
 fs/mpage.c| 10 +++---
 fs/post_read_process.c| 56 +++
 fs/verity/verify.c|  6 ++--
 include/linux/post_read_process.h | 16 -
 6 files changed, 52 insertions(+), 52 deletions(-)

diff --git a/fs/crypto/bio.c b/fs/crypto/bio.c
index 3e40d65ae6a8..bab48dfa3765 100644
--- a/fs/crypto/bio.c
+++ b/fs/crypto/bio.c
@@ -58,12 +58,12 @@ EXPORT_SYMBOL(fscrypt_decrypt_bio);
 
 void fscrypt_decrypt_work(struct work_struct *work)
 {
-   struct bio_post_read_ctx *ctx =
-   container_of(work, struct bio_post_read_ctx, work);
+   struct post_read_ctx *ctx =
+   container_of(work, struct post_read_ctx, work);
 
fscrypt_decrypt_bio(ctx->bio);
 
-   bio_post_read_processing(ctx);
+   post_read_processing(ctx);
 }
 
 void fscrypt_pullback_bio_page(struct page **page, bool restore)
diff --git a/fs/f2fs/data.c b/fs/f2fs/data.c
index 2f62244f6d24..f00f018bed27 100644
--- a/fs/f2fs/data.c
+++ b/fs/f2fs/data.c
@@ -89,10 +89,10 @@ static void __read_end_io(struct bio *bio)
 
 #if defined(CONFIG_FS_ENCRYPTION) || defined(CONFIG_FS_VERITY)
if (bio->bi_private) {
-   struct bio_post_read_ctx *ctx;
+   struct post_read_ctx *ctx;
 
ctx = bio->bi_private;
-   put_bio_post_read_ctx(ctx);
+   put_post_read_ctx(ctx);
}
 #endif
bio_put(bio);
@@ -108,7 +108,7 @@ static void f2fs_read_end_io(struct bio *bio)
 
 #if defined(CONFIG_FS_ENCRYPTION) || defined(CONFIG_FS_VERITY)
if (!bio->bi_status && bio->bi_private) {
-   bio_post_read_processing((struct bio_post_read_ctx 
*)(bio->bi_private));
+   post_read_processing((struct post_read_ctx *)(bio->bi_private));
return;
}
 #endif
@@ -514,7 +514,7 @@ static struct bio *f2fs_grab_read_bio(struct inode *inode, 
block_t blkaddr,
struct f2fs_sb_info *sbi = F2FS_I_SB(inode);
struct bio *bio;
 #if defined(CONFIG_FS_ENCRYPTION) || defined(CONFIG_FS_VERITY)
-   struct bio_post_read_ctx *ctx;
+   struct post_read_ctx *ctx;
 #endif
if (!f2fs_is_valid_blkaddr(sbi, blkaddr, DATA_GENERIC))
return ERR_PTR(-EFAULT);
@@ -527,7 +527,7 @@ static struct bio *f2fs_grab_read_bio(struct inode *inode, 
block_t blkaddr,
bio_set_op_attrs(bio, REQ_OP_READ, op_flag);
 
 #if defined(CONFIG_FS_ENCRYPTION) || defined(CONFIG_FS_VERITY)
-   ctx = get_bio_post_read_ctx(inode, bio, first_idx);
+   ctx = get_post_read_ctx(inode, bio, first_idx);
if (IS_ERR(ctx)) {
bio_put(bio);
return (struct bio *)ctx;
diff --git a/fs/mpage.c b/fs/mpage.c
index 9c291d6ddab6..938f00984ba1 100644
--- a/fs/mpage.c
+++ b/fs/mpage.c
@@ -56,16 +56,16 @@ static void mpage_end_io(struct bio *bio)
 
 #if defined(CONFIG_FS_ENCRYPTION) || defined(CONFIG_FS_VERITY)
if (!bio->bi_status && bio->bi_private) {
-   struct bio_post_read_ctx *ctx;
+   struct post_read_ctx *ctx;
 
ctx = bio->bi_private;
 
-   bio_post_read_processing(ctx);
+   post_read_processing(ctx);
return;
}
 
if (bio->bi_private)
-   put_bio_post_read_ctx((struct bio_post_read_ctx 
*)(bio->bi_private));
+   put_post_read_ctx((struct post_read_ctx *)(bio->bi_private));
 #endif
 
bio_for_each_segment_all(bv, bio, i, iter_all) {
@@ -332,7 +332,7 @@ static struct bio *do_mpage_readpage(struct 
mpage_readpage_args *args)
 alloc_new:
if (args->bio == NULL) {
 #if defined(CONFIG_FS_ENCRYPTION) || defined(CONFIG_FS_VERITY)
-   struct bio_post_read_ctx *ctx;
+   struct post_read_ctx *ctx;
 #endif
if (first_hole == blocks_per_page
&& !(IS_ENCRYPTED(inode) || IS_VERITY(inode))) {
@@ -348,7 +348,7 @@ static struct bio *do_mpage_readpage(struct 
mpage_readpage_args *args)
goto confused;
 
 #if defined(CONFIG_FS_ENCRYPTION) || defined(CONFIG_FS_VERITY)
-   ctx = get_bio_post_read_ctx(inode, args->bio, page->index);
+   ctx = get_post_read_ctx(inode, args->bio, page->index);
if (IS_ERR(ctx)) {
bio_put(args->bio);
args->bio = NULL;
diff --git a/fs/post_read_process.c b/fs/post_read_process.c
index b60be77c7217..a9ea0dca23bc 100644
--- a/fs/post_read_process.c
+++ b/fs/post_read_process.c
@@ -14,17 +14,17 @@
 
 #define NUM_PREALLOC_POST_READ_CTXS128
 
-static struct kmem_cache *bio_post_re

[f2fs-dev] [PATCH V1 01/14] ext4: Clear BH_Uptodate flag on decryption error

2019-04-23 Thread Chandan Rajendra
On an error return from fscrypt_decrypt_page(), ext4_block_write_begin()
can return with the page's buffer_head marked with BH_Uptodate
flag. This commit clears the BH_Uptodate flag in such cases.

Signed-off-by: Chandan Rajendra 
---
 fs/ext4/inode.c | 8 ++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c
index 3c2e7f5a6c84..05b258db8673 100644
--- a/fs/ext4/inode.c
+++ b/fs/ext4/inode.c
@@ -1225,11 +1225,15 @@ static int ext4_block_write_begin(struct page *page, 
loff_t pos, unsigned len,
if (!buffer_uptodate(*wait_bh))
err = -EIO;
}
-   if (unlikely(err))
+   if (unlikely(err)) {
page_zero_new_buffers(page, from, to);
-   else if (decrypt)
+   } else if (decrypt) {
err = fscrypt_decrypt_page(page->mapping->host, page,
PAGE_SIZE, 0, page->index);
+   if (err)
+   clear_buffer_uptodate(*wait_bh);
+   }
+
return err;
 }
 #endif
-- 
2.19.1



___
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel


Re: [f2fs-dev] [PATCH] f2fs: remove redundant check in f2fs_file_write_iter()

2019-04-23 Thread Chao Yu
On 2019/4/23 13:08, Chengguang Xu wrote:
> We have already checked flag IOCB_DIRECT in the sanity
> check of flag IOCB_NOWAIT, so don't have to check it
> again here.
> 
> Signed-off-by: Chengguang Xu 

Reviewed-by: Chao Yu 

Thanks,


___
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel


[f2fs-dev] [PATCH] f2fs: Add option to limit required GC for checkpoint=disable

2019-04-23 Thread Daniel Rosenberg via Linux-f2fs-devel
This extends the checkpoint option to allow checkpoint=disable:%u
This allows you to specify what percent of the drive you are willing
to lose access to while mounting with checkpoint=disable. If the amount
lost would be higher, the mount will return -EAGAIN.
Currently, we need to run garbage collection until the amount of holes
is smaller than the OVP space. With the new option, f2fs can mark
space as unusable up front instead of requiring that
the space be freed up with garbage collection.

Signed-off-by: Daniel Rosenberg 
---
 Documentation/ABI/testing/sysfs-fs-f2fs |  8 +
 Documentation/filesystems/f2fs.txt  |  8 +++--
 fs/f2fs/f2fs.h  |  6 +++-
 fs/f2fs/segment.c   | 17 --
 fs/f2fs/super.c | 44 +
 fs/f2fs/sysfs.c | 16 +
 6 files changed, 72 insertions(+), 27 deletions(-)

diff --git a/Documentation/ABI/testing/sysfs-fs-f2fs 
b/Documentation/ABI/testing/sysfs-fs-f2fs
index 91822ce258317..d65b9ebc56190 100644
--- a/Documentation/ABI/testing/sysfs-fs-f2fs
+++ b/Documentation/ABI/testing/sysfs-fs-f2fs
@@ -243,3 +243,11 @@ Description:
 - Del: echo '[h/c]!extension' > 
/sys/fs/f2fs//extension_list
 - [h] means add/del hot file extension
 - [c] means add/del cold file extension
+
+What:  /sys/fs/f2fs//unusable
+Date   April 2019
+Contact:   "Daniel Rosenberg" 
+Description:
+   Displays the number of blocks that are unusable during 
checkpoint=disable
+   or the number of blocks that would be unusable if 
checkpoint=disable
+   were to be set.
diff --git a/Documentation/filesystems/f2fs.txt 
b/Documentation/filesystems/f2fs.txt
index f7b5e4ff0de3e..b3b5534407da7 100644
--- a/Documentation/filesystems/f2fs.txt
+++ b/Documentation/filesystems/f2fs.txt
@@ -214,11 +214,15 @@ fsync_mode=%s  Control the policy of fsync. 
Currently supports "posix",
non-atomic files likewise "nobarrier" mount option.
 test_dummy_encryption  Enable dummy encryption, which provides a fake fscrypt
context. The fake fscrypt context is used by xfstests.
-checkpoint=%s  Set to "disable" to turn off checkpointing. Set to 
"enable"
+checkpoint=%s[:%u] Set to "disable" to turn off checkpointing. Set to 
"enable"
to reenable checkpointing. Is enabled by default. While
disabled, any unmounting or unexpected shutdowns will 
cause
the filesystem contents to appear as they did when the
-   filesystem was mounted with that option.
+   filesystem was mounted with that option. While mounting
+   with disabled, you may optionally add a percentage to
+   limit the amount of space that checkpoint=disable denies
+   access to. If this is set, the mount may return EAGAIN 
if
+   additional garbage collection is required to meet the 
limit
 
 

 DEBUGFS ENTRIES
diff --git a/fs/f2fs/f2fs.h b/fs/f2fs/f2fs.h
index 30acde08822ef..d0477251cec56 100644
--- a/fs/f2fs/f2fs.h
+++ b/fs/f2fs/f2fs.h
@@ -136,6 +136,9 @@ struct f2fs_mount_info {
int alloc_mode; /* segment allocation policy */
int fsync_mode; /* fsync policy */
bool test_dummy_encryption; /* test dummy encryption */
+   block_t unusable_percent_cap;   /* Percent of space allowed to be
+* unusable when disabling checkpoint
+*/
 };
 
 #define F2FS_FEATURE_ENCRYPT   0x0001
@@ -3049,7 +3052,8 @@ bool f2fs_issue_discard_timeout(struct f2fs_sb_info *sbi);
 void f2fs_clear_prefree_segments(struct f2fs_sb_info *sbi,
struct cp_control *cpc);
 void f2fs_dirty_to_prefree(struct f2fs_sb_info *sbi);
-int f2fs_disable_cp_again(struct f2fs_sb_info *sbi);
+block_t f2fs_get_unusable_blocks(struct f2fs_sb_info *sbi);
+int f2fs_disable_cp_again(struct f2fs_sb_info *sbi, block_t unusable);
 void f2fs_release_discard_addrs(struct f2fs_sb_info *sbi);
 int f2fs_npages_for_summary_flush(struct f2fs_sb_info *sbi, bool for_ra);
 void f2fs_allocate_new_segments(struct f2fs_sb_info *sbi);
diff --git a/fs/f2fs/segment.c b/fs/f2fs/segment.c
index a3380d1de6000..704224f4a2866 100644
--- a/fs/f2fs/segment.c
+++ b/fs/f2fs/segment.c
@@ -869,11 +869,12 @@ void f2fs_dirty_to_prefree(struct f2fs_sb_info *sbi)
mutex_unlock(&dirty_i->seglist_lock);
 }
 
-int f2fs_disable_cp_again(struct f2fs_sb_info *sbi)
+block_t f2fs_get_unusable_blocks(struct f2fs_sb_info *sbi)
 {
-   struct dirty_seglist_info *dirty_i = DIRTY_I(sbi);
block_t ovp = overprovision_segments(s

[f2fs-dev] [f2fs:dev-test 15/41] include/trace/events/f2fs.h:1287:1: sparse: sparse: cast to restricted vm_fault_t

2019-04-23 Thread kbuild test robot
tree:   https://git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs.git 
dev-test
head:   2f7ea3581030c1a146db350dc5d3bf068861145b
commit: 93ed4e0804b3b5e9dc7e2cfe522b0a407ab7198c [15/41] f2fs: add tracepoint 
for f2fs_filemap_fault()
reproduce:
# apt-get install sparse
git checkout 93ed4e0804b3b5e9dc7e2cfe522b0a407ab7198c
make ARCH=x86_64 allmodconfig
make C=1 CF='-fdiagnostic-prefix -D__CHECK_ENDIAN__'

If you fix the issue, kindly add following tag
Reported-by: kbuild test robot 



sparse warnings: (new ones prefixed by >>)

>> include/trace/events/f2fs.h:1287:1: sparse: sparse: cast to restricted 
>> vm_fault_t
>> include/trace/events/f2fs.h:1287:1: sparse: sparse: cast to restricted 
>> vm_fault_t
>> include/trace/events/f2fs.h:1287:1: sparse: sparse: restricted vm_fault_t 
>> degrades to integer
>> include/trace/events/f2fs.h:1287:1: sparse: sparse: restricted vm_fault_t 
>> degrades to integer
   include/asm-generic/atomic-instrumented.h:239:26: sparse: sparse: context 
imbalance in 'f2fs_drop_inode' - unexpected unlock

vim +1287 include/trace/events/f2fs.h

  1286  
> 1287  TRACE_EVENT(f2fs_filemap_fault,
  1288  
  1289  TP_PROTO(struct inode *inode, pgoff_t index, enum 
vm_fault_reason ret),
  1290  
  1291  TP_ARGS(inode, index, ret),
  1292  
  1293  TP_STRUCT__entry(
  1294  __field(dev_t,  dev)
  1295  __field(ino_t,  ino)
  1296  __field(pgoff_t, index)
  1297  __field(enum vm_fault_reason, ret)
  1298  ),
  1299  
  1300  TP_fast_assign(
  1301  __entry->dev= inode->i_sb->s_dev;
  1302  __entry->ino= inode->i_ino;
  1303  __entry->index  = index;
  1304  __entry->ret= ret;
  1305  ),
  1306  
  1307  TP_printk("dev = (%d,%d), ino = %lu, index = %lu, ret = %u",
  1308  show_dev_ino(__entry),
  1309  (unsigned long)__entry->index,
  1310  ret)
  1311  );
  1312  

---
0-DAY kernel test infrastructureOpen Source Technology Center
https://lists.01.org/pipermail/kbuild-all   Intel Corporation


___
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel


Re: [f2fs-dev] [PATCH 1/2] f2fs: allow unfixed f2fs_checkpoint.checksum_offset

2019-04-23 Thread Jaegeuk Kim
On 04/23, Jaegeuk Kim wrote:
> On 04/22, Chao Yu wrote:
> > Previously, f2fs_checkpoint.checksum_offset points fixed position of
> > f2fs_checkpoint structure:
> > 
> > "#define CP_CHKSUM_OFFSET   4092"
> > 
> > It is unnecessary, and it breaks the consecutiveness of nat and sit
> > bitmap stored across checkpoint park block and payload blocks.
> > 
> > This patch allows f2fs to handle unfixed .checksum_offset.
> > 
> > In addition, for the case checksum value is stored in the middle of
> > checkpoint park, calculating checksum value with superposition method
> > like we did for inode_checksum.
> > 
> > Signed-off-by: Chao Yu 
> > ---
> >  fs/f2fs/checkpoint.c| 27 +--
> >  include/linux/f2fs_fs.h |  4 
> >  2 files changed, 25 insertions(+), 6 deletions(-)
> > 
> > diff --git a/fs/f2fs/checkpoint.c b/fs/f2fs/checkpoint.c
> > index 441814607b13..a25556aef8cc 100644
> > --- a/fs/f2fs/checkpoint.c
> > +++ b/fs/f2fs/checkpoint.c
> > @@ -794,13 +794,27 @@ static void write_orphan_inodes(struct f2fs_sb_info 
> > *sbi, block_t start_blk)
> > }
> >  }
> >  
> > +static __u32 f2fs_checkpoint_chksum(struct f2fs_sb_info *sbi,
> > +   struct f2fs_checkpoint *ckpt)
> > +{
> > +   unsigned int chksum_ofs = le32_to_cpu(ckpt->checksum_offset);
> > +   __u32 chksum;
> > +
> > +   chksum = f2fs_crc32(sbi, ckpt, chksum_ofs);
> > +   if (chksum_ofs < CP_CHKSUM_OFFSET) {
> > +   chksum_ofs += sizeof(chksum);
> > +   chksum = f2fs_chksum(sbi, chksum, (__u8 *)ckpt + chksum_ofs,
> > +   F2FS_BLKSIZE - chksum_ofs);
> 
> Do we need to cover __cp_payload(sbi) * blksize - chksum_ofs?

Self answer - it'd be fine to get 4KB only, since payload will be covered
by entire checkpoint pack.

> 
> > +   }
> > +   return chksum;
> > +}
> > +
> >  static int get_checkpoint_version(struct f2fs_sb_info *sbi, block_t 
> > cp_addr,
> > struct f2fs_checkpoint **cp_block, struct page **cp_page,
> > unsigned long long *version)
> >  {
> > -   unsigned long blk_size = sbi->blocksize;
> > size_t crc_offset = 0;
> > -   __u32 crc = 0;
> > +   __u32 crc;
> >  
> > *cp_page = f2fs_get_meta_page(sbi, cp_addr);
> > if (IS_ERR(*cp_page))
> > @@ -809,15 +823,16 @@ static int get_checkpoint_version(struct f2fs_sb_info 
> > *sbi, block_t cp_addr,
> > *cp_block = (struct f2fs_checkpoint *)page_address(*cp_page);
> >  
> > crc_offset = le32_to_cpu((*cp_block)->checksum_offset);
> > -   if (crc_offset > (blk_size - sizeof(__le32))) {
> > +   if (crc_offset < CP_MIN_CHKSUM_OFFSET ||
> > +   crc_offset > CP_CHKSUM_OFFSET) {
> > f2fs_put_page(*cp_page, 1);
> > f2fs_msg(sbi->sb, KERN_WARNING,
> > "invalid crc_offset: %zu", crc_offset);
> > return -EINVAL;
> > }
> >  
> > -   crc = cur_cp_crc(*cp_block);
> > -   if (!f2fs_crc_valid(sbi, crc, *cp_block, crc_offset)) {
> > +   crc = f2fs_checkpoint_chksum(sbi, *cp_block);
> > +   if (crc != cur_cp_crc(*cp_block)) {
> > f2fs_put_page(*cp_page, 1);
> > f2fs_msg(sbi->sb, KERN_WARNING, "invalid crc value");
> > return -EINVAL;
> > @@ -1425,7 +1440,7 @@ static int do_checkpoint(struct f2fs_sb_info *sbi, 
> > struct cp_control *cpc)
> > get_sit_bitmap(sbi, __bitmap_ptr(sbi, SIT_BITMAP));
> > get_nat_bitmap(sbi, __bitmap_ptr(sbi, NAT_BITMAP));
> >  
> > -   crc32 = f2fs_crc32(sbi, ckpt, le32_to_cpu(ckpt->checksum_offset));
> > +   crc32 = f2fs_checkpoint_chksum(sbi, ckpt);
> > *((__le32 *)((unsigned char *)ckpt +
> > le32_to_cpu(ckpt->checksum_offset)))
> > = cpu_to_le32(crc32);
> > diff --git a/include/linux/f2fs_fs.h b/include/linux/f2fs_fs.h
> > index 55da9abed023..65559900d4d7 100644
> > --- a/include/linux/f2fs_fs.h
> > +++ b/include/linux/f2fs_fs.h
> > @@ -164,6 +164,10 @@ struct f2fs_checkpoint {
> > unsigned char sit_nat_version_bitmap[1];
> >  } __packed;
> >  
> > +#define CP_CHKSUM_OFFSET   4092/* default chksum offset in checkpoint 
> > */
> > +#define CP_MIN_CHKSUM_OFFSET   
> > \
> > +   (offsetof(struct f2fs_checkpoint, sit_nat_version_bitmap))
> > +
> >  /*
> >   * For orphan inode management
> >   */
> > -- 
> > 2.18.0.rc1
> 
> 
> ___
> Linux-f2fs-devel mailing list
> Linux-f2fs-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel


___
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel


Re: [f2fs-dev] [PATCH 1/2] f2fs: allow unfixed f2fs_checkpoint.checksum_offset

2019-04-23 Thread Jaegeuk Kim
On 04/22, Chao Yu wrote:
> Previously, f2fs_checkpoint.checksum_offset points fixed position of
> f2fs_checkpoint structure:
> 
> "#define CP_CHKSUM_OFFSET 4092"
> 
> It is unnecessary, and it breaks the consecutiveness of nat and sit
> bitmap stored across checkpoint park block and payload blocks.
> 
> This patch allows f2fs to handle unfixed .checksum_offset.
> 
> In addition, for the case checksum value is stored in the middle of
> checkpoint park, calculating checksum value with superposition method
> like we did for inode_checksum.
> 
> Signed-off-by: Chao Yu 
> ---
>  fs/f2fs/checkpoint.c| 27 +--
>  include/linux/f2fs_fs.h |  4 
>  2 files changed, 25 insertions(+), 6 deletions(-)
> 
> diff --git a/fs/f2fs/checkpoint.c b/fs/f2fs/checkpoint.c
> index 441814607b13..a25556aef8cc 100644
> --- a/fs/f2fs/checkpoint.c
> +++ b/fs/f2fs/checkpoint.c
> @@ -794,13 +794,27 @@ static void write_orphan_inodes(struct f2fs_sb_info 
> *sbi, block_t start_blk)
>   }
>  }
>  
> +static __u32 f2fs_checkpoint_chksum(struct f2fs_sb_info *sbi,
> + struct f2fs_checkpoint *ckpt)
> +{
> + unsigned int chksum_ofs = le32_to_cpu(ckpt->checksum_offset);
> + __u32 chksum;
> +
> + chksum = f2fs_crc32(sbi, ckpt, chksum_ofs);
> + if (chksum_ofs < CP_CHKSUM_OFFSET) {
> + chksum_ofs += sizeof(chksum);
> + chksum = f2fs_chksum(sbi, chksum, (__u8 *)ckpt + chksum_ofs,
> + F2FS_BLKSIZE - chksum_ofs);

Do we need to cover __cp_payload(sbi) * blksize - chksum_ofs?

> + }
> + return chksum;
> +}
> +
>  static int get_checkpoint_version(struct f2fs_sb_info *sbi, block_t cp_addr,
>   struct f2fs_checkpoint **cp_block, struct page **cp_page,
>   unsigned long long *version)
>  {
> - unsigned long blk_size = sbi->blocksize;
>   size_t crc_offset = 0;
> - __u32 crc = 0;
> + __u32 crc;
>  
>   *cp_page = f2fs_get_meta_page(sbi, cp_addr);
>   if (IS_ERR(*cp_page))
> @@ -809,15 +823,16 @@ static int get_checkpoint_version(struct f2fs_sb_info 
> *sbi, block_t cp_addr,
>   *cp_block = (struct f2fs_checkpoint *)page_address(*cp_page);
>  
>   crc_offset = le32_to_cpu((*cp_block)->checksum_offset);
> - if (crc_offset > (blk_size - sizeof(__le32))) {
> + if (crc_offset < CP_MIN_CHKSUM_OFFSET ||
> + crc_offset > CP_CHKSUM_OFFSET) {
>   f2fs_put_page(*cp_page, 1);
>   f2fs_msg(sbi->sb, KERN_WARNING,
>   "invalid crc_offset: %zu", crc_offset);
>   return -EINVAL;
>   }
>  
> - crc = cur_cp_crc(*cp_block);
> - if (!f2fs_crc_valid(sbi, crc, *cp_block, crc_offset)) {
> + crc = f2fs_checkpoint_chksum(sbi, *cp_block);
> + if (crc != cur_cp_crc(*cp_block)) {
>   f2fs_put_page(*cp_page, 1);
>   f2fs_msg(sbi->sb, KERN_WARNING, "invalid crc value");
>   return -EINVAL;
> @@ -1425,7 +1440,7 @@ static int do_checkpoint(struct f2fs_sb_info *sbi, 
> struct cp_control *cpc)
>   get_sit_bitmap(sbi, __bitmap_ptr(sbi, SIT_BITMAP));
>   get_nat_bitmap(sbi, __bitmap_ptr(sbi, NAT_BITMAP));
>  
> - crc32 = f2fs_crc32(sbi, ckpt, le32_to_cpu(ckpt->checksum_offset));
> + crc32 = f2fs_checkpoint_chksum(sbi, ckpt);
>   *((__le32 *)((unsigned char *)ckpt +
>   le32_to_cpu(ckpt->checksum_offset)))
>   = cpu_to_le32(crc32);
> diff --git a/include/linux/f2fs_fs.h b/include/linux/f2fs_fs.h
> index 55da9abed023..65559900d4d7 100644
> --- a/include/linux/f2fs_fs.h
> +++ b/include/linux/f2fs_fs.h
> @@ -164,6 +164,10 @@ struct f2fs_checkpoint {
>   unsigned char sit_nat_version_bitmap[1];
>  } __packed;
>  
> +#define CP_CHKSUM_OFFSET 4092/* default chksum offset in checkpoint 
> */
> +#define CP_MIN_CHKSUM_OFFSET \
> + (offsetof(struct f2fs_checkpoint, sit_nat_version_bitmap))
> +
>  /*
>   * For orphan inode management
>   */
> -- 
> 2.18.0.rc1


___
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel


Re: [f2fs-dev] Possible issues with fsck of f2fs root

2019-04-23 Thread Hagbard Celine
2019-04-23 4:55 GMT+02:00, Chao Yu :
> On 2019/4/22 18:05, Hagbard Celine wrote:
>> 2019-04-22 11:26 GMT+02:00, Chao Yu :
>>> On 2019/4/22 17:05, Hagbard Celine wrote:
 2019-04-22 9:37 GMT+02:00, Chao Yu :
> On 2019/4/22 15:11, Hagbard Celine wrote:
>> With this patch the one problem with opening the device in RO mode is
>> fixed.
>
> Oops, with default preen mode fsck should not open ro mounted image,
> that's
> the
> rule we keep line with ext4...
>
> How about changing to use -f in your scenario ( on RO mounted root
> image
> )?

 This was with -f. Without -f it still refuses to open the device.
>>>
>>> What I mean is we'd better to keep line with ext4, just refusing to open
>>> ro
>>> mounted device without -f, since triggering fsck and repair on a mounted
>>> device
>>> is dangerous, it can easily make inconsistency in between in-memory data
>>> and
>>> on-disk data of filesystem. Refusing fsck without -f is to make user
>>> being
>>> aware
>>> of such danger.
>>
>> I am sorry, I've apparently added the -f after my first report. After
>> re-testing it seems that fsck.f2fs is opening the RO partition even
>> without this patch if I use -f. So the part about fsck.f2fs not being
>> able to open RO mounted partition during boot was a user error.
>
> I've sent a patch for your second issue, could you please have a try with
> it?
>
> [PATCH] fsck.f2fs: fix to repair ro mounted device w/ -f
>
> But one concern is that, with this patch, not like the fsck.ext4, fsck.f2fs
> won't show any interaction with below reminding word to remind user to
> decide
> repair or not, it may increase the risk of damaging the device.
>
> Do you want to restore lost files into ./lost_found/?
> Do you want to fix this partition? [Y/N]
>
> Jaegeuk, Hagbard,
>
> Any suggestion on this, in current scenario, how about implement:
> 1. fsck.f2fs -f ro_mounted_device: check; show interaction words if there
> is
> corruption;
> 2. fsck.f2fs -f -a ro_moutned_device: check and repair automatically;

I answered this all too quickly and did not think it trough properly.
As it stands today, if I run "fsck.f2fs -f /dev/some_unmounted_disk"
it will always do a full fsck.
If I on the other hand do "fsck.f2fs -f -a /dev/some_unmounted_disk"
it sometimes only reads the checkpoint state and returns with: "Info:
No errors was reported".
I do not have a ext4 partition with errors to test, but I have a fat
partition that comes up with "Free cluster summary wrong" on every run
of fsck.fat and there fsck asks for confirmation when run with "-f"
and autofixes without asking when running with "-f -a".

Considering this I believe the proposed solution would be
counter-intuitive, unless fsck.ext4 behaves opposite of fsck.fat
already.
>
> Thanks,
>
>>
>>>
>>> Thanks,
>>>


> Thanks,
>
>> But as far as I can understand it will still only check the fs, not
>> fix
>> it.
>>
>>
>> 2019-04-21 12:27 GMT+02:00, Jaegeuk Kim :
>>
>>>
>>> New version of the patch is:
>>>
>>> From 3221692b060649378f1f69b898ed85a814af3dbf Mon Sep 17 00:00:00
>>> 2001
>>> From: Jaegeuk Kim 
>>> Date: Tue, 16 Apr 2019 11:46:31 -0700
>>> Subject: [PATCH] fsck.f2fs: open ro disk if we want to check fs only
>>>
>>> This patch fixes the "open failure" issue on ro disk, reported by
>>> Hagbard.
>>>
>>> "
>>>  If I boot with kernel option "ro rootfstype=f2fs
>>>  I get the following halfway trough boot:
>>>
>>>   * Checking local filesystems  ...
>>>  Info: Use default preen mode
>>>  Info: Mounted device!
>>>  Info: Check FS only due to RO
>>>  Error: Failed to open the device!
>>>   * Filesystems couldn't be fixed
>>> "
>>>
>>> Reported-by: Hagbard Celine 
>>> Signed-off-by: Jaegeuk Kim 
>>> ---
>>>  lib/libf2fs.c | 25 +
>>>  1 file changed, 21 insertions(+), 4 deletions(-)
>>>
>>> diff --git a/lib/libf2fs.c b/lib/libf2fs.c
>>> index d30047f..853e713 100644
>>> --- a/lib/libf2fs.c
>>> +++ b/lib/libf2fs.c
>>> @@ -789,6 +789,15 @@ void get_kernel_uname_version(__u8 *version)
>>>  #endif /* APPLE_DARWIN */
>>>
>>>  #ifndef ANDROID_WINDOWS_HOST
>>> +static int open_check_fs(char *path, int flag)
>>> +{
>>> +   if (c.func != FSCK || c.fix_on || c.auto_fix)
>>> +   return -1;
>>> +
>>> +   /* allow to open ro */
>>> +   return open(path, O_RDONLY | flag);
>>> +}
>>> +
>>>  int get_device_info(int i)
>>>  {
>>> int32_t fd = 0;
>>> @@ -810,8 +819,11 @@ int get_device_info(int i)
>>> if (c.sparse_mode) {
>>> fd = open(dev->path, O_RDWR | O_CREAT | O_BINARY, 0644);
>>> if (fd < 0) {
>>> -   MSG(0, "\tError: Failed to open a sparse 
>>> file!\n");
>>> -   

Re: [f2fs-dev] Possible issues with fsck of f2fs root

2019-04-23 Thread Hagbard Celine
2019-04-23 13:59 GMT+02:00, Hagbard Celine :
> 2019-04-23 4:55 GMT+02:00, Chao Yu :
>> On 2019/4/22 18:05, Hagbard Celine wrote:
>>> 2019-04-22 11:26 GMT+02:00, Chao Yu :
 On 2019/4/22 17:05, Hagbard Celine wrote:
> 2019-04-22 9:37 GMT+02:00, Chao Yu :
>> On 2019/4/22 15:11, Hagbard Celine wrote:
>>> With this patch the one problem with opening the device in RO mode
>>> is
>>> fixed.
>>
>> Oops, with default preen mode fsck should not open ro mounted image,
>> that's
>> the
>> rule we keep line with ext4...
>>
>> How about changing to use -f in your scenario ( on RO mounted root
>> image
>> )?
>
> This was with -f. Without -f it still refuses to open the device.

 What I mean is we'd better to keep line with ext4, just refusing to
 open
 ro
 mounted device without -f, since triggering fsck and repair on a
 mounted
 device
 is dangerous, it can easily make inconsistency in between in-memory
 data
 and
 on-disk data of filesystem. Refusing fsck without -f is to make user
 being
 aware
 of such danger.
>>>
>>> I am sorry, I've apparently added the -f after my first report. After
>>> re-testing it seems that fsck.f2fs is opening the RO partition even
>>> without this patch if I use -f. So the part about fsck.f2fs not being
>>> able to open RO mounted partition during boot was a user error.
>>
>> I've sent a patch for your second issue, could you please have a try with
>> it?
>>
>> [PATCH] fsck.f2fs: fix to repair ro mounted device w/ -f
>
> Tested by forcing a sudden_power_off by reset-switch, seems to work.
>
>> But one concern is that, with this patch, not like the fsck.ext4,
>> fsck.f2fs
>> won't show any interaction with below reminding word to remind user to
>> decide
>> repair or not, it may increase the risk of damaging the device.
>>
>> Do you want to restore lost files into ./lost_found/?
>> Do you want to fix this partition? [Y/N]
>>
>> Jaegeuk, Hagbard,
>>
>> Any suggestion on this, in current scenario, how about implement:
>> 1. fsck.f2fs -f ro_mounted_device: check; show interaction words if there
>> is
>> corruption;
>> 2. fsck.f2fs -f -a ro_moutned_device: check and repair automatically;
>
> I guess that would be ok. Just to mention: Gentoo defaults to "fsck -A
> -p" during boot, where I can add the "-f" option by config file. I am
> not up to date on what other distros uses for default
> options in their fsck command during boot.

Please ignore that part about defaults, I misread the script: if I set
-f in config file it replaces the default -p, I checked with "set -o
xtrace".

>
>> Thanks,
>>
>>>

 Thanks,

>
>
>> Thanks,
>>
>>> But as far as I can understand it will still only check the fs, not
>>> fix
>>> it.
>>>
>>>
>>> 2019-04-21 12:27 GMT+02:00, Jaegeuk Kim :
>>>

 New version of the patch is:

 From 3221692b060649378f1f69b898ed85a814af3dbf Mon Sep 17 00:00:00
 2001
 From: Jaegeuk Kim 
 Date: Tue, 16 Apr 2019 11:46:31 -0700
 Subject: [PATCH] fsck.f2fs: open ro disk if we want to check fs
 only

 This patch fixes the "open failure" issue on ro disk, reported by
 Hagbard.

 "
  If I boot with kernel option "ro rootfstype=f2fs
  I get the following halfway trough boot:

   * Checking local filesystems  ...
  Info: Use default preen mode
  Info: Mounted device!
  Info: Check FS only due to RO
  Error: Failed to open the device!
   * Filesystems couldn't be fixed
 "

 Reported-by: Hagbard Celine 
 Signed-off-by: Jaegeuk Kim 
 ---
  lib/libf2fs.c | 25 +
  1 file changed, 21 insertions(+), 4 deletions(-)

 diff --git a/lib/libf2fs.c b/lib/libf2fs.c
 index d30047f..853e713 100644
 --- a/lib/libf2fs.c
 +++ b/lib/libf2fs.c
 @@ -789,6 +789,15 @@ void get_kernel_uname_version(__u8 *version)
  #endif /* APPLE_DARWIN */

  #ifndef ANDROID_WINDOWS_HOST
 +static int open_check_fs(char *path, int flag)
 +{
 +  if (c.func != FSCK || c.fix_on || c.auto_fix)
 +  return -1;
 +
 +  /* allow to open ro */
 +  return open(path, O_RDONLY | flag);
 +}
 +
  int get_device_info(int i)
  {
int32_t fd = 0;
 @@ -810,8 +819,11 @@ int get_device_info(int i)
if (c.sparse_mode) {
fd = open(dev->path, O_RDWR | O_CREAT | O_BINARY, 0644);
if (fd < 0) {
 -  MSG(0, "\tError: Failed to open a sparse 
 file!\n");
 -  return -1;
 +   

Re: [f2fs-dev] Possible issues with fsck of f2fs root

2019-04-23 Thread Hagbard Celine
2019-04-23 4:55 GMT+02:00, Chao Yu :
> On 2019/4/22 18:05, Hagbard Celine wrote:
>> 2019-04-22 11:26 GMT+02:00, Chao Yu :
>>> On 2019/4/22 17:05, Hagbard Celine wrote:
 2019-04-22 9:37 GMT+02:00, Chao Yu :
> On 2019/4/22 15:11, Hagbard Celine wrote:
>> With this patch the one problem with opening the device in RO mode is
>> fixed.
>
> Oops, with default preen mode fsck should not open ro mounted image,
> that's
> the
> rule we keep line with ext4...
>
> How about changing to use -f in your scenario ( on RO mounted root
> image
> )?

 This was with -f. Without -f it still refuses to open the device.
>>>
>>> What I mean is we'd better to keep line with ext4, just refusing to open
>>> ro
>>> mounted device without -f, since triggering fsck and repair on a mounted
>>> device
>>> is dangerous, it can easily make inconsistency in between in-memory data
>>> and
>>> on-disk data of filesystem. Refusing fsck without -f is to make user
>>> being
>>> aware
>>> of such danger.
>>
>> I am sorry, I've apparently added the -f after my first report. After
>> re-testing it seems that fsck.f2fs is opening the RO partition even
>> without this patch if I use -f. So the part about fsck.f2fs not being
>> able to open RO mounted partition during boot was a user error.
>
> I've sent a patch for your second issue, could you please have a try with
> it?
>
> [PATCH] fsck.f2fs: fix to repair ro mounted device w/ -f

Tested by forcing a sudden_power_off by reset-switch, seems to work.

> But one concern is that, with this patch, not like the fsck.ext4, fsck.f2fs
> won't show any interaction with below reminding word to remind user to
> decide
> repair or not, it may increase the risk of damaging the device.
>
> Do you want to restore lost files into ./lost_found/?
> Do you want to fix this partition? [Y/N]
>
> Jaegeuk, Hagbard,
>
> Any suggestion on this, in current scenario, how about implement:
> 1. fsck.f2fs -f ro_mounted_device: check; show interaction words if there
> is
> corruption;
> 2. fsck.f2fs -f -a ro_moutned_device: check and repair automatically;

I guess that would be ok. Just to mention: Gentoo defaults to "fsck -A
-p" during boot, where I can add the "-f" option by config file. I am
not up to date on what other distros uses for default
options in their fsck command during boot.

> Thanks,
>
>>
>>>
>>> Thanks,
>>>


> Thanks,
>
>> But as far as I can understand it will still only check the fs, not
>> fix
>> it.
>>
>>
>> 2019-04-21 12:27 GMT+02:00, Jaegeuk Kim :
>>
>>>
>>> New version of the patch is:
>>>
>>> From 3221692b060649378f1f69b898ed85a814af3dbf Mon Sep 17 00:00:00
>>> 2001
>>> From: Jaegeuk Kim 
>>> Date: Tue, 16 Apr 2019 11:46:31 -0700
>>> Subject: [PATCH] fsck.f2fs: open ro disk if we want to check fs only
>>>
>>> This patch fixes the "open failure" issue on ro disk, reported by
>>> Hagbard.
>>>
>>> "
>>>  If I boot with kernel option "ro rootfstype=f2fs
>>>  I get the following halfway trough boot:
>>>
>>>   * Checking local filesystems  ...
>>>  Info: Use default preen mode
>>>  Info: Mounted device!
>>>  Info: Check FS only due to RO
>>>  Error: Failed to open the device!
>>>   * Filesystems couldn't be fixed
>>> "
>>>
>>> Reported-by: Hagbard Celine 
>>> Signed-off-by: Jaegeuk Kim 
>>> ---
>>>  lib/libf2fs.c | 25 +
>>>  1 file changed, 21 insertions(+), 4 deletions(-)
>>>
>>> diff --git a/lib/libf2fs.c b/lib/libf2fs.c
>>> index d30047f..853e713 100644
>>> --- a/lib/libf2fs.c
>>> +++ b/lib/libf2fs.c
>>> @@ -789,6 +789,15 @@ void get_kernel_uname_version(__u8 *version)
>>>  #endif /* APPLE_DARWIN */
>>>
>>>  #ifndef ANDROID_WINDOWS_HOST
>>> +static int open_check_fs(char *path, int flag)
>>> +{
>>> +   if (c.func != FSCK || c.fix_on || c.auto_fix)
>>> +   return -1;
>>> +
>>> +   /* allow to open ro */
>>> +   return open(path, O_RDONLY | flag);
>>> +}
>>> +
>>>  int get_device_info(int i)
>>>  {
>>> int32_t fd = 0;
>>> @@ -810,8 +819,11 @@ int get_device_info(int i)
>>> if (c.sparse_mode) {
>>> fd = open(dev->path, O_RDWR | O_CREAT | O_BINARY, 0644);
>>> if (fd < 0) {
>>> -   MSG(0, "\tError: Failed to open a sparse 
>>> file!\n");
>>> -   return -1;
>>> +   fd = open_check_fs(dev->path, O_BINARY);
>>> +   if (fd < 0) {
>>> +   MSG(0, "\tError: Failed to open a 
>>> sparse file!\n");
>>> +   return -1;
>>> +   }
>>> }
>>> }
>>>
>>> @@ -825,10 +837,15 @@ int get