ecryptfs_truncate should not call vmtruncate on lower inode

Patch submitted for review:
http://article.gmane.org/gmane.linux.file-systems/36107

Has been applied to:
git://git.kernel.org/pub/scm/linux/kernel/git/ecryptfs/ecryptfs-2.6.git#next

Released in 2.6.33-rc5
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=5f3ef64f4da1c587cdcfaaac72311225b7df094c

SRU Justification:

When truncating inodes in the lower filesystem, eCryptfs directly
invoked vmtruncate(). As Christoph Hellwig pointed out, vmtruncate() is
a filesystem helper function, but filesystems may need to do more than
just a call to vmtruncate(). eCryptfs needs to go through
notify_change()->setattr to ensure truncate works reliable without
corruption or leaking blocks on a variety of filesystems.

See: http://thread.gmane.org/gmane.linux.file-systems/36105

Fix: With this patch , lower inode truncation is moved out of
ecryptfs_truncate() and the function is renamed to truncate_upper().
truncate_upper() updates an iattr for the lower inode to indicate
if the lower inode needs to be truncated upon return.
ecryptfs_setattr() then calls notify_change(), using the updated iattr
for the lower inode, to complete the truncation.

Without the patch we risk corrupting or leaking blocks on the lower
filesystem.

Has been soak tested with a variety of ftruncate() soak tests and also
running a full kernel build on ecryptfs with a lower ext4 filesystem.

This bug is missing log files that will aid in diagnosing the problem. From a terminal window please run:

apport-collect 451368

and then change the status of the bug to 'Confirmed'.

If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.

This change has been made by an automated script, maintained by the Ubuntu Kernel Team.

Attached is a truncate soak tester.

The commit for this issue in Lucid is an early application of a commit that will be coming in via upstream stable (2.6.32.58). As such it is not subject to the standard bug verification process.

Tested and verified working for Lucid -proposed i386 2.6.32-40.87

This bug was fixed in the package linux - 2.6.32-40.87

---------------
linux (2.6.32-40.87) lucid-proposed; urgency=low

  [Herton R. Krzesinski]

  * Release Tracking Bug
    - LP: #947375

  [ Upstream Kernel Changes ]

  * IB/mlx4: pass SMP vendor-specific attribute MADs to firmware
    - LP: #932043
  * mm/filemap_xip.c: fix race condition in xip_file_fault()
    - LP: #932043
  * NFSv4: Fix up the callers of nfs4_state_end_reclaim_reboot
    - LP: #932043
  * NFSv4: The state manager shouldn't exit on errors that were handled
    - LP: #932043
  * NFSv4: Ensure the state manager handles NFS4ERR_NO_GRACE correctly
    - LP: #932043
  * NFSv4: Handle NFS4ERR_GRACE when recovering an expired lease.
    - LP: #932043
  * NFSv4: Fix open recovery
    - LP: #932043
  * rpc client can not deal with ENOSOCK, so translate it into ENOCONN
    - LP: #932043
  * udf: Mark LVID buffer as uptodate before marking it dirty
    - LP: #932043
  * eCryptfs: Infinite loop due to overflow in ecryptfs_write()
    - LP: #932043
  * atmel_lcdfb: fix usage of CONTRAST_CTR in suspend/resume
    - LP: #932043
  * Staging: asus_oled: fix image processing
    - LP: #932043
  * Staging: android: binder: Don't call dump_stack in binder_vma_open
    - LP: #932043
  * Staging: android: binder: Fix crashes when sharing a binder file
    between processes
    - LP: #932043
  * usb: gadget: zero: fix bug in loopback autoresume handling
    - LP: #932043
  * usb: Skip PCI USB quirk handling for Netlogic XLP
    - LP: #932043
  * USB: usbserial: add new PID number (0xa951) to the ftdi driver
    - LP: #932043
  * mmc: cb710 core: Add missing spin_lock_init for irq_lock of struct
    cb710_chip
    - LP: #932043
  * net: fix sk_forward_alloc corruptions
    - LP: #932043
  * net: sock_queue_err_skb() dont mess with sk_forward_alloc
    - LP: #932043
  * Linux 2.6.32.57
    - LP: #932043
  * Ban ecryptfs over ecryptfs
    - LP: #932987
  * eCryptfs: Remove mmap from directory operations
    - LP: #400443
  * eCryptfs: Use notify_change for truncating lower inodes
    - LP: #451368
  * ecryptfs: read on a directory should return EISDIR if not supported
    - LP: #719691
  * eCryptfs: Remove extra d_delete in ecryptfs_rmdir
    - LP: #723518
  * eCryptfs: Clear i_nlink in rmdir
    - LP: #723518
  * KVM: Device assignment permission checks
    - LP: #897812
    - CVE-2011-4347
  * block: Fix io_context leak after clone with CLONE_IO
    - LP: #940743
    - CVE-2012-0879
  * block: Fix io_context leak after failure of clone with CLONE_IO
    - LP: #940743
    - CVE-2012-0879
  * eCryptfs: Handle failed metadata read in lookup
    - LP: #509180
  * drm/i915: Fix TV Out refresh rate.
    - LP: #945114
  * Linux 2.6.32.57+drm33.23
    - LP: #945114
 -- Herton Ronaldo Krzesinski <email address hidden> Mon, 05 Mar 2012 16:09:18 -0300