- Added patches to fix journal with FSS protection enabled (bsc#1000435)

0001-journal-fix-HMAC-calculation-when-appending-a-data-o.patch
   0001-journal-set-STATE_ARCHIVED-as-part-of-offlining-2740.patch
   0001-journal-warn-when-we-fail-to-append-a-tag-to-a-journ.patch

OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=952
This commit is contained in:
Franck Bui 2016-09-26 09:11:19 +00:00 committed by Git OBS Bridge
parent 81b3fbf7c4
commit 35fc3cae4d
7 changed files with 213 additions and 0 deletions

View File

@ -0,0 +1,54 @@
From 6dac79e09ec1b45f05b3e9a5f1f445859b6eefd2 Mon Sep 17 00:00:00 2001
From: Franck Bui <fbui@suse.com>
Date: Fri, 23 Sep 2016 13:33:01 +0200
Subject: [PATCH 1/1] journal: fix HMAC calculation when appending a data
object
Since commit 5996c7c295e073ce21d41305169132c8aa993ad0 (v190 !), the
calculation of the HMAC is broken because the hash for a data object
including a field is done in the wrong order: the field object is
hashed before the data object is.
However during verification, the hash is done in the opposite order as
objects are scanned sequentially.
(cherry picked from commit 33685a5a3a98c6ded64d0cc25e37d0180ceb0a6a)
[fbui: fixes bsc#1000435]
---
src/journal/journal-file.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/src/journal/journal-file.c b/src/journal/journal-file.c
index a9882cf..a24d97d 100644
--- a/src/journal/journal-file.c
+++ b/src/journal/journal-file.c
@@ -1111,6 +1111,12 @@ static int journal_file_append_data(
if (r < 0)
return r;
+#ifdef HAVE_GCRYPT
+ r = journal_file_hmac_put_object(f, OBJECT_DATA, o, p);
+ if (r < 0)
+ return r;
+#endif
+
/* The linking might have altered the window, so let's
* refresh our pointer */
r = journal_file_move_to_object(f, OBJECT_DATA, p, &o);
@@ -1135,12 +1141,6 @@ static int journal_file_append_data(
fo->field.head_data_offset = le64toh(p);
}
-#ifdef HAVE_GCRYPT
- r = journal_file_hmac_put_object(f, OBJECT_DATA, o, p);
- if (r < 0)
- return r;
-#endif
-
if (ret)
*ret = o;
--
2.10.0

View File

@ -0,0 +1,93 @@
From 0d0bad044f8f19c472acb69d10861a66d3d267b6 Mon Sep 17 00:00:00 2001
From: Vito Caputo <vcaputo@gnugeneration.com>
Date: Tue, 26 Apr 2016 23:29:43 -0700
Subject: [PATCH 1/1] journal: set STATE_ARCHIVED as part of offlining (#2740)
The only code path which makes a journal durable is via
journal_file_set_offline().
When we perform a rotate the journal's header->state is being set to
STATE_ARCHIVED prior to journal_file_set_offline() being called.
In journal_file_set_offline(), we short-circuit the entire offline when
f->header->state != STATE_ONLINE.
This all results in none of the journal_file_set_offline() fsync() calls
being reached when rotate archives a journal, so archived journals are
never explicitly made durable.
What we do now is instead of setting the f->header->state to
STATE_ARCHIVED directly in journal_file_rotate() prior to
journal_file_close(), we set an archive flag in f->archive for the
journal_file_set_offline() machinery to honor by committing
STATE_ARCHIVED instead of STATE_OFFLINE when set.
Prior to this, rotated journals were never getting fsync() explicitly
performed on them, since journal_file_set_offline() short-circuited.
Obviously this is undesirable, and depends entirely on the underlying
filesystem as to how much durability was achieved when simply closing
the file.
Note that this problem existed prior to the recent asynchronous fsync
changes, but those changes do facilitate our performing this durable
offline on rotate without blocking, regardless of the underlying
filesystem sync-on-close semantics.
(cherry picked from commit 8eb851711fd166024297c425e9261200c36f489d)
[fbui: context adjustment: the asynchronous journal_file_set_offline()
thingie doesn't exist in v228]
[fbui: this also fixes the case when we wanted to append a tag (for
FSS verification) when closing the journal. Before this patch,
journal_file_append_tag() failed (silently) because re-opening
the journal to write the tag was not possible since it was
already in "archived" mode.]
---
src/journal/journal-file.c | 10 ++++++++--
src/journal/journal-file.h | 1 +
2 files changed, 9 insertions(+), 2 deletions(-)
diff --git a/src/journal/journal-file.c b/src/journal/journal-file.c
index f9ff954..e7eecad 100644
--- a/src/journal/journal-file.c
+++ b/src/journal/journal-file.c
@@ -130,7 +130,7 @@ int journal_file_set_offline(JournalFile *f) {
if (mmap_cache_got_sigbus(f->mmap, f->fd))
return -EIO;
- f->header->state = STATE_OFFLINE;
+ f->header->state = f->archive ? STATE_ARCHIVED : STATE_OFFLINE;
if (mmap_cache_got_sigbus(f->mmap, f->fd))
return -EIO;
@@ -2813,7 +2813,13 @@ int journal_file_rotate(JournalFile **f, bool compress, bool seal) {
if (r < 0 && errno != ENOENT)
return -errno;
- old_file->header->state = STATE_ARCHIVED;
+ /* Set as archive so offlining commits w/state=STATE_ARCHIVED.
+ * Previously we would set old_file->header->state to STATE_ARCHIVED directly here,
+ * but journal_file_set_offline() short-circuits when state != STATE_ONLINE, which
+ * would result in the rotated journal never getting fsync() called before closing.
+ * Now we simply queue the archive state by setting an archive bit, leaving the state
+ * as STATE_ONLINE so proper offlining occurs. */
+ old_file->archive = true;
/* Currently, btrfs is not very good with out write patterns
* and fragments heavily. Let's defrag our journal files when
diff --git a/src/journal/journal-file.h b/src/journal/journal-file.h
index 898d12d..436e5ff 100644
--- a/src/journal/journal-file.h
+++ b/src/journal/journal-file.h
@@ -76,6 +76,7 @@ typedef struct JournalFile {
bool compress_lz4:1;
bool seal:1;
bool defrag_on_close:1;
+ bool archive:1;
bool tail_entry_monotonic_valid:1;
--
2.10.0

View File

@ -0,0 +1,36 @@
From 9f47fe6b6a9aad001e99f1fdea78a0c54ce8ae55 Mon Sep 17 00:00:00 2001
From: Franck Bui <fbui@suse.com>
Date: Fri, 23 Sep 2016 12:12:13 +0200
Subject: [PATCH 1/1] journal: warn when we fail to append a tag to a journal
We shouldn't silently fail when appending the tag to a journal file
since FSS protection will simply be disabled in this case.
(cherry picked from commit 43cd8794839548a6f332875e8bee8bed2652bf2c)
---
src/journal/journal-file.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/src/journal/journal-file.c b/src/journal/journal-file.c
index e7eecad..a9882cf 100644
--- a/src/journal/journal-file.c
+++ b/src/journal/journal-file.c
@@ -145,8 +145,13 @@ JournalFile* journal_file_close(JournalFile *f) {
#ifdef HAVE_GCRYPT
/* Write the final tag */
- if (f->seal && f->writable)
- journal_file_append_tag(f);
+ if (f->seal && f->writable) {
+ int r;
+
+ r = journal_file_append_tag(f);
+ if (r < 0)
+ log_error_errno(r, "Failed to append tag when closing journal: %m");
+ }
#endif
journal_file_set_offline(f);
--
2.10.0

View File

@ -1,3 +1,12 @@
-------------------------------------------------------------------
Mon Sep 26 09:09:27 UTC 2016 - fbui@suse.com
- Added patches to fix journal with FSS protection enabled (bsc#1000435)
0001-journal-fix-HMAC-calculation-when-appending-a-data-o.patch
0001-journal-set-STATE_ARCHIVED-as-part-of-offlining-2740.patch
0001-journal-warn-when-we-fail-to-append-a-tag-to-a-journ.patch
-------------------------------------------------------------------
Wed Sep 21 11:54:39 UTC 2016 - fbui@suse.com

View File

@ -265,6 +265,9 @@ Patch529: 0001-systemctl-pid1-do-not-warn-about-missing-install-inf.patch
Patch530: systemd-230-cgroup2-use-new-fstype-for-unified-hierarchy.patch
# PATCH-FIX-UPSTREAM -- fixed after 231
Patch531: 0001-rules-block-add-support-for-pmem-devices-3683.patch
Patch532: 0001-journal-set-STATE_ARCHIVED-as-part-of-offlining-2740.patch
Patch533: 0001-journal-warn-when-we-fail-to-append-a-tag-to-a-journ.patch
Patch534: 0001-journal-fix-HMAC-calculation-when-appending-a-data-o.patch
# UDEV PATCHES
# ============
@ -611,6 +614,9 @@ cp %{SOURCE7} m4/
%patch529 -p1
%patch530 -p1
%patch531 -p1
%patch532 -p1
%patch533 -p1
%patch534 -p1
# udev patches
%patch1002 -p1

View File

@ -1,3 +1,12 @@
-------------------------------------------------------------------
Mon Sep 26 09:09:27 UTC 2016 - fbui@suse.com
- Added patches to fix journal with FSS protection enabled (bsc#1000435)
0001-journal-fix-HMAC-calculation-when-appending-a-data-o.patch
0001-journal-set-STATE_ARCHIVED-as-part-of-offlining-2740.patch
0001-journal-warn-when-we-fail-to-append-a-tag-to-a-journ.patch
-------------------------------------------------------------------
Wed Sep 21 11:54:39 UTC 2016 - fbui@suse.com

View File

@ -260,6 +260,9 @@ Patch529: 0001-systemctl-pid1-do-not-warn-about-missing-install-inf.patch
Patch530: systemd-230-cgroup2-use-new-fstype-for-unified-hierarchy.patch
# PATCH-FIX-UPSTREAM -- fixed after 231
Patch531: 0001-rules-block-add-support-for-pmem-devices-3683.patch
Patch532: 0001-journal-set-STATE_ARCHIVED-as-part-of-offlining-2740.patch
Patch533: 0001-journal-warn-when-we-fail-to-append-a-tag-to-a-journ.patch
Patch534: 0001-journal-fix-HMAC-calculation-when-appending-a-data-o.patch
# UDEV PATCHES
# ============
@ -606,6 +609,9 @@ cp %{SOURCE7} m4/
%patch529 -p1
%patch530 -p1
%patch531 -p1
%patch532 -p1
%patch533 -p1
%patch534 -p1
# udev patches
%patch1002 -p1