On Tue, Mar 02, 2021 at 12:04:19PM -0800, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@xxxxxxxxxx>
>
> ext4 didn't properly clean up if verity failed to be enabled on a file:
>
> - It left verity metadata (pages past EOF) in the page cache, which
> would be exposed to userspace if the file was later extended.
>
> - It didn't truncate the verity metadata at all (either from cache or
> from disk) if an error occurred while setting the verity bit.
>
> Fix these bugs by adding a call to truncate_inode_pages() and ensuring
> that we truncate the verity metadata (both from cache and from disk) in
> all error paths. Also rework the code to cleanly separate the success
> path from the error paths, which makes it much easier to understand.
>
> Reported-by: Yunlei He <heyunlei@xxxxxxxxxxx>
> Fixes: c93d8f885809 ("ext4: add basic fs-verity support")
> Cc: <stable@xxxxxxxxxxxxxxx> # v5.4+
> Signed-off-by: Eric Biggers <ebiggers@xxxxxxxxxx>
Thanks, LGTM.
I've applied this to the ext4 with minor adjustment; I eliminated the
double blank line here:
> + ext4_clear_inode_state(inode, EXT4_STATE_VERITY_IN_PROGRESS);
> + return 0;
> +
> +
> +stop_and_cleanup:
> + ext4_journal_stop(handle);
...
- Ted
