From patchwork Fri Jan 12 02:16:25 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Darrick J. Wong" X-Patchwork-Id: 13517890 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8F51B110D for ; Fri, 12 Jan 2024 02:16:26 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="DRjeynqs" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 1171DC433C7; Fri, 12 Jan 2024 02:16:26 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1705025786; bh=GmZeOXF3k83Xj43hy2Logx9/rJOJUv/QjwOociPIYCE=; h=Date:Subject:From:To:Cc:From; b=DRjeynqsFnQOzCaseKV1guMNV/L7ZQSewnnev7UWUY0kyU4uT4GMtxBGOvKgxnQN/ fzBnsqt0LZRcZjDCHi8686YYHl3WTffYQNjHbimpf2LqjeXX618Dk/ihJdfYPBPKEW 9nberxhUqcbp5KMmmSbVuFymdfdraSVTsLoWcD029CPBEkv8lBEkQMgVdRAF4K6E+C oVROUkCwJQno6GmSfFpMeygiIhkLlVS64IJfQoBccwtrHE7YOMQ2Wr+kvSQBz/7UC2 3T4/RgYygeAO9M2Px9OGhnRC1ftiomwyQqUKhVogIgcotiJmx0IO2QcNVJm4BTu4dx IAeat4gOrJFBQ== Date: Thu, 11 Jan 2024 18:16:25 -0800 Subject: [GIT PULL 1/6] xfsprogs: various bug fixes for 6.6 From: "Darrick J. Wong" To: cem@kernel.org, djwong@kernel.org Cc: cmaiolino@redhat.com, hch@lst.de, linux-xfs@vger.kernel.org Message-ID: <170502573166.996574.10606759915783984277.stg-ugh@frogsfrogsfrogs> Precedence: bulk X-Mailing-List: linux-xfs@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Hi Carlos, Please pull this branch with changes for xfsprogs for 6.6-rc1. As usual, I did a test-merge with the main upstream branch as of a few minutes ago, and didn't see any conflicts. Please let me know if you encounter any problems. The following changes since commit c2371fdd0ffeecb407969ad3e4e1d55f26e26407: xfs_scrub: try to use XFS_SCRUB_IFLAG_FORCE_REBUILD (2023-12-21 18:29:14 -0800) are available in the Git repository at: https://git.kernel.org/pub/scm/linux/kernel/git/djwong/xfsprogs-dev.git tags/xfsprogs-fixes-6.6_2024-01-11 for you to fetch changes up to 55021e7533bc55100f8ae0125aec513885cc5987: libxfs: fix krealloc to allow freeing data (2024-01-11 18:07:03 -0800) ---------------------------------------------------------------- xfsprogs: various bug fixes for 6.6 [1/6] This series fixes a couple of bugs that I found in the userspace support libraries. Signed-off-by: Darrick J. Wong ---------------------------------------------------------------- Darrick J. Wong (1): libxfs: fix krealloc to allow freeing data libxfs/kmem.c | 10 ++++++++++ 1 file changed, 10 insertions(+) From patchwork Fri Jan 12 02:16:41 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Darrick J. Wong" X-Patchwork-Id: 13517891 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 2C37E110D for ; Fri, 12 Jan 2024 02:16:41 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="RmXdvfEJ" Received: by smtp.kernel.org (Postfix) with ESMTPSA id A906CC433C7; Fri, 12 Jan 2024 02:16:41 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1705025801; bh=H4mJ4di6MR1EBLPnfiCBOYn5wJjWaTUD7yPeJBu/+dQ=; h=Date:Subject:From:To:Cc:From; b=RmXdvfEJzFjJYVkNljo1yT3WTQyDIq8MCe7ybAUKsowJDHUwh4sEqfR0y5gUQSlMv P8H077YMULG4SExCGOlWaxGYr7TYtbLm85ZP0Sfvnd2CESlccFSvLc+NR2LeQQNU8Q ETwMPj0UYvYNcLcLjmFZ4zYTL8rSChVI+Jj2G/Q9/PcA6N4wKbwteB66/GB5bbdFyb wAXwKyVTZXwBlO6ppBH1k6x9arAubjLCjXMEAZ3xSjzujyp9b06NwXo0HApjRFfNKZ puCoxR06KqiQNF357YlU94tqhXh8gvhvadHPtRLLo3BG7EXbIEjtLphaqd4f0alZxZ tnMG2jj/vxshw== Date: Thu, 11 Jan 2024 18:16:41 -0800 Subject: [GIT PULL 2/6] xfs_scrub: fix licensing and copyright notices From: "Darrick J. Wong" To: cem@kernel.org, djwong@kernel.org Cc: hch@lst.de, linux-xfs@vger.kernel.org Message-ID: <170502573264.996574.15670186027839841218.stg-ugh@frogsfrogsfrogs> Precedence: bulk X-Mailing-List: linux-xfs@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Hi Carlos, Please pull this branch with changes for xfsprogs for 6.6-rc1. As usual, I did a test-merge with the main upstream branch as of a few minutes ago, and didn't see any conflicts. Please let me know if you encounter any problems. The following changes since commit 55021e7533bc55100f8ae0125aec513885cc5987: libxfs: fix krealloc to allow freeing data (2024-01-11 18:07:03 -0800) are available in the Git repository at: https://git.kernel.org/pub/scm/linux/kernel/git/djwong/xfsprogs-dev.git tags/scrub-fix-legalese-6.6_2024-01-11 for you to fetch changes up to 52520522199efa984dcf172a3eb8d835b93e324e: xfs_scrub: update copyright years for scrub/ files (2024-01-11 18:08:46 -0800) ---------------------------------------------------------------- xfs_scrub: fix licensing and copyright notices [v28.3 2/6] Fix various attribution problems in the xfs_scrub source code, such as the author's contact information, out of date SPDX tags, and a rough estimate of when the feature was under heavy development. The most egregious parts are the files that are missing license information completely. Signed-off-by: Darrick J. Wong ---------------------------------------------------------------- Darrick J. Wong (3): xfs_scrub: fix author and spdx headers on scrub/ files xfs_scrub: add missing license and copyright information xfs_scrub: update copyright years for scrub/ files scrub/Makefile | 2 +- scrub/common.c | 6 +++--- scrub/common.h | 6 +++--- scrub/counter.c | 6 +++--- scrub/counter.h | 6 +++--- scrub/descr.c | 4 ++-- scrub/descr.h | 4 ++-- scrub/disk.c | 6 +++--- scrub/disk.h | 6 +++--- scrub/filemap.c | 6 +++--- scrub/filemap.h | 6 +++--- scrub/fscounters.c | 6 +++--- scrub/fscounters.h | 6 +++--- scrub/inodes.c | 6 +++--- scrub/inodes.h | 6 +++--- scrub/phase1.c | 6 +++--- scrub/phase2.c | 6 +++--- scrub/phase3.c | 6 +++--- scrub/phase4.c | 6 +++--- scrub/phase5.c | 6 +++--- scrub/phase6.c | 6 +++--- scrub/phase7.c | 6 +++--- scrub/progress.c | 6 +++--- scrub/progress.h | 6 +++--- scrub/read_verify.c | 6 +++--- scrub/read_verify.h | 6 +++--- scrub/repair.c | 6 +++--- scrub/repair.h | 6 +++--- scrub/scrub.c | 6 +++--- scrub/scrub.h | 6 +++--- scrub/spacemap.c | 6 +++--- scrub/spacemap.h | 6 +++--- scrub/unicrash.c | 6 +++--- scrub/unicrash.h | 6 +++--- scrub/vfs.c | 6 +++--- scrub/vfs.h | 6 +++--- scrub/xfs_scrub.c | 6 +++--- scrub/xfs_scrub.h | 6 +++--- scrub/xfs_scrub@.service.in | 5 +++++ scrub/xfs_scrub_all.cron.in | 5 +++++ scrub/xfs_scrub_all.in | 6 +++--- scrub/xfs_scrub_all.service.in | 5 +++++ scrub/xfs_scrub_all.timer | 5 +++++ scrub/xfs_scrub_fail | 5 +++++ scrub/xfs_scrub_fail@.service.in | 5 +++++ 45 files changed, 143 insertions(+), 113 deletions(-) From patchwork Fri Jan 12 02:16:56 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Darrick J. Wong" X-Patchwork-Id: 13517892 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id AEBE2110D for ; Fri, 12 Jan 2024 02:16:57 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="T5zXbIJX" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 43346C433C7; Fri, 12 Jan 2024 02:16:57 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1705025817; bh=U+3fZN9mkpFj84/ufMJ8iuh3EsAUb59o3fxa5a+fL1s=; h=Date:Subject:From:To:Cc:From; b=T5zXbIJXY3IugHH+lZFs8+Z1s/VohSe+eyorFwBHaJbqdgWv832Bg8FB9tZqlB53r hTRbu5obrLs4YrXYPI7dX8rauxMilQtjN+iQJOFvgRHZVCv/P+iMJ6dv61x0Jly9z0 9nJxG2rnh71bfg0swmcqdpZVJqmXEOS2dumBb0QfkjS0PF5BT4EMe2dTWqD41Uylpx CFt2q53jWdlLRQLZDiYoIe38VOeLsLT4+Oksbz3kMkc2WO/kUgcT3b3ktBXbUqvDKh ruFyrcKFNLHYGcAr6q0wXV+iFU5rliT4BeJemaBzyHDjc9fhjWPxpe61RQww6rZ5BC ZpXYh3GUh+5yA== Date: Thu, 11 Jan 2024 18:16:56 -0800 Subject: [GIT PULL 3/6] xfs_scrub: fixes to the repair code From: "Darrick J. Wong" To: cem@kernel.org, djwong@kernel.org Cc: hch@lst.de, linux-xfs@vger.kernel.org Message-ID: <170502573357.996574.18197732259576686299.stg-ugh@frogsfrogsfrogs> Precedence: bulk X-Mailing-List: linux-xfs@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Hi Carlos, Please pull this branch with changes for xfsprogs for 6.6-rc1. As usual, I did a test-merge with the main upstream branch as of a few minutes ago, and didn't see any conflicts. Please let me know if you encounter any problems. The following changes since commit 52520522199efa984dcf172a3eb8d835b93e324e: xfs_scrub: update copyright years for scrub/ files (2024-01-11 18:08:46 -0800) are available in the Git repository at: https://git.kernel.org/pub/scm/linux/kernel/git/djwong/xfsprogs-dev.git tags/scrub-repair-fixes-6.6_2024-01-11 for you to fetch changes up to 96ac83c88e01ff7f59563ff76a96e555477c8637: xfs_scrub: don't report media errors for space with unknowable owner (2024-01-11 18:08:46 -0800) ---------------------------------------------------------------- xfs_scrub: fixes to the repair code [v28.3 3/6] Now that we've landed the new kernel code, it's time to reorganize the xfs_scrub code that handles repairs. Clean up various naming warts and misleading error messages. Move the repair code to scrub/repair.c as the first step. Then, fix various issues in the repair code before we start reorganizing things. Signed-off-by: Darrick J. Wong ---------------------------------------------------------------- Darrick J. Wong (2): xfs_scrub: flush stdout after printing to it xfs_scrub: don't report media errors for space with unknowable owner scrub/phase6.c | 13 ++++++++++++- scrub/xfs_scrub.c | 2 ++ 2 files changed, 14 insertions(+), 1 deletion(-) From patchwork Fri Jan 12 02:17:12 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Darrick J. Wong" X-Patchwork-Id: 13517893 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6FDC7110D for ; Fri, 12 Jan 2024 02:17:13 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="kUkkHg2o" Received: by smtp.kernel.org (Postfix) with ESMTPSA id CA0AAC433F1; Fri, 12 Jan 2024 02:17:12 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1705025832; bh=PbAKLH014UZGiEnFyscLB8KQwLpxdxPjuMtN3rPh0xU=; h=Date:Subject:From:To:Cc:From; b=kUkkHg2oakYrnlHsW/ACps+okq5X1oSf6A2XJyphXPYJXZcEShaVNAEy9WOkQvjwG mgtu0o7l3Tj0iK+dgAkwmN3Uoe9n3WsavPb3wiZ03NPSaqxieVRWO5PSJCSLNpmHpG XL9l7Iygb/uQ2r5Sw0IhWHDms8joW9BoKcrtqFCx/4/55O7pnNYyQExhKbt3cHNIoT 9z/Gb7lY+9EZSjD2s+XzmlfCzYmmcqnSHrwDVXCa0Nhzt93gyC8wj7Rx67M0vq+NUj g5OOIRR833JT2TllJZDe2a/Q780euaBwMkjx9CGkZz8htESwG1xqmXP/lfqWYuDedE dbOw2AtQPg0Hw== Date: Thu, 11 Jan 2024 18:17:12 -0800 Subject: [GIT PULL 4/6] xfs_scrub: fixes for systemd services From: "Darrick J. Wong" To: cem@kernel.org, djwong@kernel.org Cc: hch@lst.de, linux-xfs@vger.kernel.org, neal@gompa.dev Message-ID: <170502573456.996574.9256149259911075241.stg-ugh@frogsfrogsfrogs> Precedence: bulk X-Mailing-List: linux-xfs@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Hi Carlos, Please pull this branch with changes for xfsprogs for 6.6-rc1. As usual, I did a test-merge with the main upstream branch as of a few minutes ago, and didn't see any conflicts. Please let me know if you encounter any problems. The following changes since commit 96ac83c88e01ff7f59563ff76a96e555477c8637: xfs_scrub: don't report media errors for space with unknowable owner (2024-01-11 18:08:46 -0800) are available in the Git repository at: https://git.kernel.org/pub/scm/linux/kernel/git/djwong/xfsprogs-dev.git tags/scrub-service-fixes-6.6_2024-01-11 for you to fetch changes up to 3d37d8bf535fd6a8ab241a86433b449152746e6a: xfs_scrub_all.cron: move to package data directory (2024-01-11 18:08:47 -0800) ---------------------------------------------------------------- xfs_scrub: fixes for systemd services [v28.3 4/6] This series fixes deficiencies in the systemd services that were created to manage background scans. First, improve the debian packaging so that services get installed at package install time. Next, fix copyright and spdx header omissions. Finally, fix bugs in the mailer scripts so that scrub failures are reported effectively. Finally, fix xfs_scrub_all to deal with systemd restarts causing it to think that a scrub has finished before the service actually finishes. Signed-off-by: Darrick J. Wong ---------------------------------------------------------------- Darrick J. Wong (9): debian: install scrub services with dh_installsystemd xfs_scrub_all: escape service names consistently xfs_scrub: fix pathname escaping across all service definitions xfs_scrub_fail: fix sendmail detection xfs_scrub_fail: return the failure status of the mailer program xfs_scrub_fail: add content type header to failure emails xfs_scrub_fail: advise recipients not to reply xfs_scrub_fail: move executable script to /usr/libexec xfs_scrub_all.cron: move to package data directory debian/rules | 1 + include/builddefs.in | 2 +- scrub/Makefile | 26 ++++++++++----- scrub/xfs_scrub@.service.in | 6 ++-- scrub/xfs_scrub_all.in | 49 ++++++++++++----------------- scrub/{xfs_scrub_fail => xfs_scrub_fail.in} | 12 +++++-- scrub/xfs_scrub_fail@.service.in | 4 +-- 7 files changed, 55 insertions(+), 45 deletions(-) rename scrub/{xfs_scrub_fail => xfs_scrub_fail.in} (63%) From patchwork Fri Jan 12 02:17:28 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Darrick J. Wong" X-Patchwork-Id: 13517895 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id F2FDB110D for ; Fri, 12 Jan 2024 02:17:28 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="C6HFNaoH" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 60B9DC433F1; Fri, 12 Jan 2024 02:17:28 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1705025848; bh=6CFrbsWShN8Db4AHp8PRBRUBbsizlO+gbbcXi+URNmk=; h=Date:Subject:From:To:Cc:From; b=C6HFNaoHXEPB+cRzKBhym51irlcwpvlj+bjECdGCbNLQq+IlBWp+SITAm4k1V70mc M3eV2LrZS15eXSTT8o23vgp2ZyRGkBOsRO6rFS9ZSYPyEWvayOIC9p/WQWZdrx7k5d I265/iygyQfDv/EpdyEOEHpfAOXVw39wRSTa/+Dv840TyF3k4VYigb8g3VasbNZ/zf cd7Q6hucQwfoioYI6VZP6gCzkycKCA2/pyq2AEMpi220rfGW4wc0rQf4Tg3ZDlGUdy JWXOiTEt0lrkivXyvPfwW8teHNvtaB1+8KxnEIFugv47ERlwv63lbGgdt7emEeeMHU dA+OUYzz7bbNQ== Date: Thu, 11 Jan 2024 18:17:28 -0800 Subject: [GIT PULL 5/6] xfs_scrub_all: fixes for systemd services From: "Darrick J. Wong" To: cem@kernel.org, djwong@kernel.org Cc: hch@lst.de, linux-xfs@vger.kernel.org Message-ID: <170502573560.996574.2504743062956504522.stg-ugh@frogsfrogsfrogs> Precedence: bulk X-Mailing-List: linux-xfs@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Hi Carlos, Please pull this branch with changes for xfsprogs for 6.6-rc1. As usual, I did a test-merge with the main upstream branch as of a few minutes ago, and didn't see any conflicts. Please let me know if you encounter any problems. The following changes since commit 3d37d8bf535fd6a8ab241a86433b449152746e6a: xfs_scrub_all.cron: move to package data directory (2024-01-11 18:08:47 -0800) are available in the Git repository at: https://git.kernel.org/pub/scm/linux/kernel/git/djwong/xfsprogs-dev.git tags/scruball-service-fixes-6.6_2024-01-11 for you to fetch changes up to 1c95c17c8857223d05e8c4516af42c6d41ae579a: xfs_scrub_all: fix termination signal handling (2024-01-11 18:08:47 -0800) ---------------------------------------------------------------- xfs_scrub_all: fixes for systemd services [v28.3 5/6] This patchset ties up some problems in the xfs_scrub_all program and service, which are essential for finding mounted filesystems to scrub and creating the background service instances that do the scrub. First, we need to fix various errors in pathname escaping, because systemd does /not/ like slashes in service names. Then, teach xfs_scrub_all to deal with systemd restarts causing it to think that a scrub has finished before the service actually finishes. Finally, implement a signal handler so that SIGINT (console ^C) and SIGTERM (systemd stopping the service) shut down the xfs_scrub@ services correctly. Signed-off-by: Darrick J. Wong ---------------------------------------------------------------- Darrick J. Wong (4): xfs_scrub_all: fix argument passing when invoking xfs_scrub manually xfs_scrub_all: survive systemd restarts when waiting for services xfs_scrub_all: simplify cleanup of run_killable xfs_scrub_all: fix termination signal handling scrub/xfs_scrub_all.in | 157 +++++++++++++++++++++++++++++++++++++++---------- 1 file changed, 125 insertions(+), 32 deletions(-) From patchwork Fri Jan 12 02:17:43 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Darrick J. Wong" X-Patchwork-Id: 13517896 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8281A110D for ; Fri, 12 Jan 2024 02:17:44 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="dAmoL1cC" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 0CB3EC433F1; Fri, 12 Jan 2024 02:17:43 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1705025864; bh=YRN48qKE+8l7l3mJXYxwqugCHfvaB+idNRnAM5eoGYs=; h=Date:Subject:From:To:Cc:From; b=dAmoL1cCbW70n0exv/AK+y0Bk6Bn/kOYfaIuFxOAAvMVKPqae4k6k79whwvZn+Z4C NIxQOShF6k7JFEuVlKV+nk+oi31n1k7sNPMcNxaAsCAqraSd+zjEogk+d9tNtUgz1v JMMcJ24syAiAtIch7t2QMR23OGCY7FvTWAXWR4X4BxAxQmxHmufZhmnwMKnjgmVd9u lBSqSuPmdWW3FaBmhX0Mmwq58lGjaG6F1BLZ/NC9AoIDVWP7u1tkTUeqPqs8uSoASL mboDZCVH966eWBlngxUf1MaCdx2m6jAYd8jvqGvRTmVmmdeOyhQ9xURJnFL+5Hq2V9 Ikecq6VMAsbDg== Date: Thu, 11 Jan 2024 18:17:43 -0800 Subject: [GIT PULL 6/6] xfs_scrub: tighten security of systemd services From: "Darrick J. Wong" To: cem@kernel.org, djwong@kernel.org Cc: glitsj16@riseup.net, hch@lst.de, linux-xfs@vger.kernel.org Message-ID: <170502573653.996574.9591002351083368679.stg-ugh@frogsfrogsfrogs> Precedence: bulk X-Mailing-List: linux-xfs@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Hi Carlos, Please pull this branch with changes for xfsprogs for 6.6-rc1. As usual, I did a test-merge with the main upstream branch as of a few minutes ago, and didn't see any conflicts. Please let me know if you encounter any problems. The following changes since commit 1c95c17c8857223d05e8c4516af42c6d41ae579a: xfs_scrub_all: fix termination signal handling (2024-01-11 18:08:47 -0800) are available in the Git repository at: https://git.kernel.org/pub/scm/linux/kernel/git/djwong/xfsprogs-dev.git tags/scrub-service-security-6.6_2024-01-11 for you to fetch changes up to 13995601c86574e2f65d93055ac7a624fbde4443: xfs_scrub_all: tighten up the security on the background systemd service (2024-01-11 18:08:47 -0800) ---------------------------------------------------------------- xfs_scrub: tighten security of systemd services [v28.3 6/6] To reduce the risk of the online fsck service suffering some sort of catastrophic breach that results in attackers reconfiguring the running system, I embarked on a security audit of the systemd service files. The result should be that all elements of the background service (individual scrub jobs, the scrub_all initiator, and the failure reporting) run with as few privileges and within as strong of a sandbox as possible. Granted, this does nothing about the potential for the /kernel/ screwing up, but at least we could prevent obvious container escapes. Signed-off-by: Darrick J. Wong ---------------------------------------------------------------- Darrick J. Wong (6): xfs_scrub: allow auxiliary pathnames for sandboxing xfs_scrub.service: reduce CPU usage to 60% when possible xfs_scrub: use dynamic users when running as a systemd service xfs_scrub: tighten up the security on the background systemd service xfs_scrub_fail: tighten up the security on the background systemd service xfs_scrub_all: tighten up the security on the background systemd service man/man8/xfs_scrub.8 | 9 +++- scrub/Makefile | 7 ++- scrub/phase1.c | 4 +- scrub/system-xfs_scrub.slice | 30 +++++++++++++ scrub/vfs.c | 2 +- scrub/xfs_scrub.c | 11 +++-- scrub/xfs_scrub.h | 5 ++- scrub/xfs_scrub@.service.in | 97 +++++++++++++++++++++++++++++++++++----- scrub/xfs_scrub_all.service.in | 66 +++++++++++++++++++++++++++ scrub/xfs_scrub_fail@.service.in | 59 ++++++++++++++++++++++++ 10 files changed, 270 insertions(+), 20 deletions(-) create mode 100644 scrub/system-xfs_scrub.slice