Linux Kernel Btrfs New Dentry Logging Vulnerability

A vulnerability in the Linux kernel's Btrfs file system has been addressed, concerning the logging of new directory entries (dentries) when the parent directory of a conflicting inode is logged. The issue arises because, while the parent directory's inode is marked as logged, the new dentries are not. This oversight can lead to data loss: if the parent directory is later fsynced and no new changes have been made since it was logged, the fsync operation becomes a no-op. Following a power failure, the newly created dentries may be missing. The vulnerability affects several versions of the Linux kernel.

Impact

Failure to log new directory entries can result in missing data after a power failure, as the entries may not be recovered during log replay.

Reproduction

The vulnerability can be reproduced by creating a directory, removing it, and then creating two new directories. After that, a file with the same name as the deleted directory is created in one of the new directories. When the parent directory is fsynced, it logs the directory but fails to log the new entries from the other directory. If a power failure occurs after this operation, the entries from the unsynced directory will be missing.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed.