On Wed, May 12, 2021 at 12:47:14PM -0700, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@xxxxxxxxxx>
>
> commit 3c0315424f5e3d2a4113c7272367bee1e8e6a174 upstream.
>
> f2fs didn't properly clean up if verity failed to be enabled on a file:
>
> - It left verity metadata (pages past EOF) in the page cache, which
> would be exposed to userspace if the file was later extended.
>
> - It didn't truncate the verity metadata at all (either from cache or
> from disk) if an error occurred while setting the verity bit.
>
> Fix these bugs by adding a call to truncate_inode_pages() and ensuring
> that we truncate the verity metadata (both from cache and from disk) in
> all error paths. Also rework the code to cleanly separate the success
> path from the error paths, which makes it much easier to understand.
>
> Finally, log a message if f2fs_truncate() fails, since it might
> otherwise fail silently.
>
> Reported-by: Yunlei He <heyunlei@xxxxxxxxxxx>
> Fixes: 95ae251fe828 ("f2fs: add fs-verity support")
> Cc: <stable@xxxxxxxxxxxxxxx> # v5.4+
> Signed-off-by: Eric Biggers <ebiggers@xxxxxxxxxx>
> Reviewed-by: Chao Yu <yuchao0@xxxxxxxxxx>
> Signed-off-by: Jaegeuk Kim <jaegeuk@xxxxxxxxxx>
> ---
> fs/f2fs/verity.c | 75 ++++++++++++++++++++++++++++++++++--------------
> 1 file changed, 54 insertions(+), 21 deletions(-)
Now queued up, thanks.
greg k-h
