secdiscard: should call fsync to avoid reordering IOs

Don't make stale zero'ing IO in block device after unlink, since filesystem can reuse the block addresses and issue some IOs. If block layer reordered two IOs, filesystem will see zero data, which crashes filesystem consistency. Bug: 136964285 Test: run cts -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.CrossProfileAppsHostSideTest Change-Id: I43c13622d094cecda1c53468adc240002111d605 Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
5 years ago · 6c5e453f9e
parent 7d43cb0ae9
commit 6c5e453f9e
1 changed files with 4 additions and 0 deletions
--- a/secdiscard.cpp
+++ b/secdiscard.cpp
@ -147,6 +147,10 @@ bool secdiscard_path(const std::string& path) {
            if (!overwrite_with_zeros(fs_fd.get(), range[0], range[1])) return false;
        }
    }
+    // Should wait for overwrites completion. Otherwise after unlink(),
+    // filesystem can allocate these blocks and IO can be reordered, resulting
+    // in making zero blocks to filesystem blocks.
+    fsync(fs_fd.get());
    return true;
 }