Commit 63d88195 authored Dec 03, 2020 by Hyeongseok Kim Committed by Greg Kroah-Hartman Jan 06, 2021

dm verity: skip verity work if I/O error when system is shutting down



[ Upstream commit 252bd1256396cebc6fc3526127fdb0b317601318 ]

If emergency system shutdown is called, like by thermal shutdown,
a dm device could be alive when the block device couldn't process
I/O requests anymore. In this state, the handling of I/O errors
by new dm I/O requests or by those already in-flight can lead to
a verity corruption state, which is a misjudgment.

So, skip verity work in response to I/O error when system is shutting
down.

Signed-off-by: Hyeongseok Kim <hyeongseok@gmail.com>
Reviewed-by: Sami Tolvanen <samitolvanen@google.com>
Signed-off-by: Mike Snitzer <snitzer@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>

parent 5ec9c5d2

drivers/md/dm-verity-target.c

+11 −1

Original line number	Diff line number	Diff line
		@@ -533,6 +533,15 @@ static int verity_verify_io(struct dm_verity_io *io)
		return 0;
		}

		/*
		* Skip verity work in response to I/O error when system is shutting down.
		*/
		static inline bool verity_is_system_shutting_down(void)
		{
		return system_state == SYSTEM_HALT \|\| system_state == SYSTEM_POWER_OFF
		\|\| system_state == SYSTEM_RESTART;
		}

		/*
		* End one "io" structure with a given error.
		*/
		@@ -560,7 +569,8 @@ static void verity_end_io(struct bio *bio)
		{
		struct dm_verity_io *io = bio->bi_private;

		if (bio->bi_status && !verity_fec_is_enabled(io->v)) {
		if (bio->bi_status &&
		(!verity_fec_is_enabled(io->v) \|\| verity_is_system_shutting_down())) {
		verity_finish_io(io, bio->bi_status);
		return;
		}