secdiscard: should call fsync to avoid reordering IOs Don't make stale zero'ing IO in block device after unlink, since filesystem can reuse the block addresses and issue some IOs. If block layer reordered two IOs, filesystem will see zero data, which crashes filesystem consistency. Bug: 136964285 Test: run cts -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.CrossProfileAppsHostSideTest Change-Id: I43c13622d094cecda1c53468adc240002111d605 Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>

commit: 6c5e453f9ee8363e970c7b5e2be503879089c3c3 [log] [tgz]
author: Jaegeuk Kim <jaegeuk@google.com> Thu Aug 08 09:07:58 2019 -0700
committer: Jaegeuk Kim <jaegeuk@google.com> Mon Aug 12 15:31:10 2019 +0000
tree: 75fcfe099b2e06475532ca859aa093fad2f7a612
parent: 7d43cb0ae91322a58cef7f92225d00c2dd1f201a [diff] [blame]
diff --git a/secdiscard.cpp b/secdiscard.cpp
index 0ff05d6..4659eed 100644
--- a/secdiscard.cpp
+++ b/secdiscard.cpp

@@ -147,6 +147,10 @@
             if (!overwrite_with_zeros(fs_fd.get(), range[0], range[1])) return false;
         }
     }
+    // Should wait for overwrites completion. Otherwise after unlink(),
+    // filesystem can allocate these blocks and IO can be reordered, resulting
+    // in making zero blocks to filesystem blocks.
+    fsync(fs_fd.get());
     return true;
 }
commit	6c5e453f9ee8363e970c7b5e2be503879089c3c3	[log] [tgz]
author	Jaegeuk Kim <jaegeuk@google.com>	Thu Aug 08 09:07:58 2019 -0700
committer	Jaegeuk Kim <jaegeuk@google.com>	Mon Aug 12 15:31:10 2019 +0000
tree	75fcfe099b2e06475532ca859aa093fad2f7a612
parent	7d43cb0ae91322a58cef7f92225d00c2dd1f201a [diff] [blame]