From 1ba8865fec2e58dc1a886c2175bea38cbac8ffee Mon Sep 17 00:00:00 2001 From: Eric Biggers Date: Wed, 4 Nov 2020 18:38:38 -0800 Subject: [PATCH] EncryptInplace: fsync cryptofd before reporting success fsync() the cryptofd when done writing to it. Without this, any remaining dirty pages in the crypto_blkdev's page cache (which there might be a lot of, even as much as all the data that was written) won't be flushed to disk until the cryptofd is closed, which ignores I/O errors and is also after we already reported 100% completion. There wasn't an fsync() in the original version either, so we've been getting by without it, but it seems it should be there. Change-Id: Idd1be3ae67ce96ecf3946b9efb9fc57414f5805a --- EncryptInplace.cpp | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/EncryptInplace.cpp b/EncryptInplace.cpp index 8baed78..057b3ef 100644 --- a/EncryptInplace.cpp +++ b/EncryptInplace.cpp @@ -345,6 +345,11 @@ bool InPlaceEncrypter::EncryptInPlace(const std::string& crypto_blkdev, if (success) success &= EncryptPendingData(); + if (success && fsync(cryptofd_) != 0) { + PLOG(ERROR) << "Error syncing " << crypto_blkdev_; + success = false; + } + if (!success) { LOG(ERROR) << "In-place encryption of " << DescribeFilesystem() << " failed"; return false;