On 12/05/2021 14:28, Mikulas Patocka wrote:
> Revert the commit 7a5b96b4784454ba258e83dc7469ddbacd3aaac3 ("dm integrity:
> use discard support when recalculating").
>
> There's a bug that when we write some data beyond the current recalculate
> boundary, the checksum will be rewritten with the discard filler later.
> And the data will no longer have integrity protection.
>
> There's no easy fix for this case, so we revert the whole patch.
>
> Signed-off-by: Mikulas Patocka <mpatocka@xxxxxxxxxx>
Ack. After some discussion with Mikulas, we concluded that revert is the best option here.
Even with additional flag it would be problematic.
I already mentioned one case (blkid reading non-written area) but from the discussion,
here is another problematic case:
If we use dm-integrity to detect bitrot (random device errors; bit flips etc), dm-integrity
should detect that even for unused sectors.
With the mentioned patch it can happen that such change is undetected.
(Discard filler is not a valid checksum.)
...
>
> Index: linux-2.6/drivers/md/dm-integrity.c
> ===================================================================
> --- linux-2.6.orig/drivers/md/dm-integrity.c
> +++ linux-2.6/drivers/md/dm-integrity.c
...
> @@ -4579,7 +4570,7 @@ static void dm_integrity_dtr(struct dm_t
>
> static struct target_type integrity_target = {
> .name = "integrity",
> - .version = {1, 9, 0},
> + .version = {1, 8, 0},
Not sure we can do that once it is in mainline.
Maybe safer is to set it to 1.10.0. (Question for Mike perhaps).
Milan
--
dm-devel mailing list
dm-devel@xxxxxxxxxx
https://listman.redhat.com/mailman/listinfo/dm-devel
