Received: by 2002:a25:d7c1:0:0:0:0:0 with SMTP id o184csp366793ybg; Tue, 22 Oct 2019 22:33:32 -0700 (PDT) X-Google-Smtp-Source: APXvYqyUa0EPj58lc0OewtuQ5KttbKHstPf46QTTpuKffZ8BrHjzmRgeeIgiq28JShFXmI4sTvg0 X-Received: by 2002:a05:6402:1492:: with SMTP id e18mr34877616edv.140.1571808812328; Tue, 22 Oct 2019 22:33:32 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1571808812; cv=none; d=google.com; s=arc-20160816; b=BBwv4Xo6BSOPzbjHEYuZYo8T2NNHHV3OtVlruQnCLHcsmAWbkjMzf4GekbNTicU1qd j7wI+v0HGXIMH7vOXqMyj39CXi+nnn7kBjMo2mSoBT4uYcs3WD0CFQUrxaT6+ExzRYhM zrkJrgXj6H0z2ktJrD4q/DHFm6Lo4KX70FEpXvGQPGeJMCPa4Z4nxwxuqKDRjet9OiPg dpy2ADhMFSCPuqkEQAv2f+BUz5DjFKB4+BS1ansjIjYUV3jFE+lai4m2eled0H0mJqsv JGfC7ziBs5fzB+DxWeFIH9cUZR5ECzqKoIrO2LFMyeOPcBTfNaVLHeWy35Nhg4rfgIdC 5rQg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from; bh=2KfMxS/qpsMcAUlSz2Y6TaT+UOg17WufBlVtBKO3II4=; b=NqnMmMQ35m2FqPfEwr/7by/XI8uv7CNKmGln9X8JfMg8XttH6EJdTrAkvH15r7Nmv6 327eW74UN1oTvLPf7gEKB13ftEezfVjZMOtoIqf+7F7dfIEKYDuZaGdC4JYU2ljZlPBG y6yUdmmWaJF/vsQ9M5bKtcY5hLV0/gjJJcfCv68UFQlls3VuosCqLYvWglj0dQ7Z8yr/ JGVUL8BR+GWFH4Y1Tjwx4Cs1c1qbRC7CKbImVnPcNvY0kIttSx5BmgDR6YfLvLyVUgSa RazmtGYWyooyVGooZXVJpbqCLhIoWIFgt7SQivzD6uqs6RLf4qMX2po/VOwrpT2R1/Cc bPfw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id e15si8205052ejq.269.2019.10.22.22.33.08; Tue, 22 Oct 2019 22:33:32 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726069AbfJWEDZ (ORCPT + 99 others); Wed, 23 Oct 2019 00:03:25 -0400 Received: from szxga04-in.huawei.com ([45.249.212.190]:4705 "EHLO huawei.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1725780AbfJWEDZ (ORCPT ); Wed, 23 Oct 2019 00:03:25 -0400 Received: from DGGEMS414-HUB.china.huawei.com (unknown [172.30.72.60]) by Forcepoint Email with ESMTP id 96040EF763408D7CB488; Wed, 23 Oct 2019 12:03:20 +0800 (CST) Received: from architecture4.huawei.com (10.140.130.215) by smtp.huawei.com (10.3.19.214) with Microsoft SMTP Server (TLS) id 14.3.439.0; Wed, 23 Oct 2019 12:03:11 +0800 From: Gao Xiang To: Chao Yu , CC: , Gao Xiang , "Pratik Shinde" , Gao Xiang Subject: [PATCH v4] erofs: support superblock checksum Date: Wed, 23 Oct 2019 12:05:57 +0800 Message-ID: <20191023040557.230886-1-gaoxiang25@huawei.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20191022180620.19638-1-pratikshinde320@gmail.com> References: <20191022180620.19638-1-pratikshinde320@gmail.com> MIME-Version: 1.0 Content-Type: text/plain X-Originating-IP: [10.140.130.215] X-CFilter-Loop: Reflected Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Pratik Shinde Introduce superblock checksum feature in order to check a number of given blocks at mounting time. Signed-off-by: Pratik Shinde Signed-off-by: Gao Xiang --- changes from v3: (based on Pratik's v3 patch) - add LIBCRC32C dependency; - use kmap() in order to avoid sleeping in atomic context; - skip the first 1024 byte for x86 boot sector, co-tested with userspace utils, https://lore.kernel.org/r/20191023034957.184711-1-gaoxiang25@huawei.com fs/erofs/Kconfig | 1 + fs/erofs/erofs_fs.h | 6 +++-- fs/erofs/internal.h | 2 ++ fs/erofs/super.c | 53 +++++++++++++++++++++++++++++++++++++++++++-- 4 files changed, 58 insertions(+), 4 deletions(-) diff --git a/fs/erofs/Kconfig b/fs/erofs/Kconfig index 9d634d3a1845..74b0aaa7114c 100644 --- a/fs/erofs/Kconfig +++ b/fs/erofs/Kconfig @@ -3,6 +3,7 @@ config EROFS_FS tristate "EROFS filesystem support" depends on BLOCK + select LIBCRC32C help EROFS (Enhanced Read-Only File System) is a lightweight read-only file system with modern designs (eg. page-sized diff --git a/fs/erofs/erofs_fs.h b/fs/erofs/erofs_fs.h index b1ee5654750d..461913be1d1c 100644 --- a/fs/erofs/erofs_fs.h +++ b/fs/erofs/erofs_fs.h @@ -11,6 +11,8 @@ #define EROFS_SUPER_OFFSET 1024 +#define EROFS_FEATURE_COMPAT_SB_CHKSUM 0x00000001 + /* * Any bits that aren't in EROFS_ALL_FEATURE_INCOMPAT should * be incompatible with this kernel version. @@ -37,8 +39,8 @@ struct erofs_super_block { __u8 uuid[16]; /* 128-bit uuid for volume */ __u8 volume_name[16]; /* volume name */ __le32 feature_incompat; - - __u8 reserved2[44]; + __le32 chksum_blocks; /* number of blocks used for checksum */ + __u8 reserved2[40]; }; /* diff --git a/fs/erofs/internal.h b/fs/erofs/internal.h index 544a453f3076..a3778f597bf6 100644 --- a/fs/erofs/internal.h +++ b/fs/erofs/internal.h @@ -85,6 +85,7 @@ struct erofs_sb_info { u8 uuid[16]; /* 128-bit uuid for volume */ u8 volume_name[16]; /* volume name */ + u32 feature_compat; u32 feature_incompat; unsigned int mount_opt; @@ -426,6 +427,7 @@ static inline void z_erofs_exit_zip_subsystem(void) {} #endif /* !CONFIG_EROFS_FS_ZIP */ #define EFSCORRUPTED EUCLEAN /* Filesystem is corrupted */ +#define EFSBADCRC EBADMSG /* Bad CRC detected */ #endif /* __EROFS_INTERNAL_H */ diff --git a/fs/erofs/super.c b/fs/erofs/super.c index 0e369494f2f2..18d1ec18a671 100644 --- a/fs/erofs/super.c +++ b/fs/erofs/super.c @@ -9,6 +9,7 @@ #include #include #include +#include #include "xattr.h" #define CREATE_TRACE_POINTS @@ -46,6 +47,47 @@ void _erofs_info(struct super_block *sb, const char *function, va_end(args); } +static int erofs_superblock_csum_verify(struct super_block *sb, void *sbdata) +{ + struct erofs_super_block *dsb; + u32 expected_crc, nblocks, crc; + void *kaddr; + struct page *page; + int i; + + dsb = kmemdup(sbdata + EROFS_SUPER_OFFSET, + EROFS_BLKSIZ - EROFS_SUPER_OFFSET, GFP_KERNEL); + if (!dsb) + return -ENOMEM; + + expected_crc = le32_to_cpu(dsb->checksum); + nblocks = le32_to_cpu(dsb->chksum_blocks); + dsb->checksum = 0; + /* to allow for x86 boot sectors and other oddities. */ + crc = crc32c(~0, dsb, EROFS_BLKSIZ - EROFS_SUPER_OFFSET); + kfree(dsb); + + for (i = 1; i < nblocks; i++) { + page = erofs_get_meta_page(sb, i); + if (IS_ERR(page)) + return PTR_ERR(page); + + kaddr = kmap_atomic(page); + crc = crc32c(crc, kaddr, EROFS_BLKSIZ); + kunmap_atomic(kaddr); + + unlock_page(page); + put_page(page); + } + + if (crc != expected_crc) { + erofs_err(sb, "invalid checksum 0x%08x, 0x%08x expected", + crc, expected_crc); + return -EFSBADCRC; + } + return 0; +} + static void erofs_inode_init_once(void *ptr) { struct erofs_inode *vi = ptr; @@ -112,7 +154,7 @@ static int erofs_read_superblock(struct super_block *sb) sbi = EROFS_SB(sb); - data = kmap_atomic(page); + data = kmap(page); dsb = (struct erofs_super_block *)(data + EROFS_SUPER_OFFSET); ret = -EINVAL; @@ -121,6 +163,13 @@ static int erofs_read_superblock(struct super_block *sb) goto out; } + sbi->feature_compat = le32_to_cpu(dsb->feature_compat); + if (sbi->feature_compat & EROFS_FEATURE_COMPAT_SB_CHKSUM) { + ret = erofs_superblock_csum_verify(sb, data); + if (ret) + goto out; + } + blkszbits = dsb->blkszbits; /* 9(512 bytes) + LOG_SECTORS_PER_BLOCK == LOG_BLOCK_SIZE */ if (blkszbits != LOG_BLOCK_SIZE) { @@ -155,7 +204,7 @@ static int erofs_read_superblock(struct super_block *sb) } ret = 0; out: - kunmap_atomic(data); + kunmap(data); put_page(page); return ret; } -- 2.17.1