This seems to be an unfortunate interaction between some recent ext4 patches that went into all LTS kernels (4.4, 4.9, 4.14). The one in 4.4, in particular, is this one:

commit db3b00e3f392e9f879f7fd202437e68f90f35765
Author: Theodore Ts'o <tytso@mit.edu>
Date:   Thu Jun 14 00:58:00 2018 -0400

    ext4: only look at the bg_flags field if it is valid

    commit 8844618d8aa7a9973e7b527d038a2a589665002c upstream.

    The bg_flags field in the block group descriptors is only valid if the
    uninit_bg or metadata_csum feature is enabled. We were not
    consistently looking at this field; fix this.

    Also block group #0 must never have uninitialized allocation bitmaps,
    or need to be zeroed, since that's where the root inode, and other
    special inodes are set up. Check for these conditions and mark the
    file system as corrupted if they are detected.

    This addresses CVE-2018-10876.

    https://bugzilla.kernel.org/show_bug.cgi?id=199403

    Signed-off-by: Theodore Ts'o <tytso@mit.edu>
    Cc: stable@kernel.org
    Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

What it checks is that "block group 0 must have bg_flags containing EXT4_BG_INODE_ZEROED". Sure enough, "normal" ext4 filesystems have this flag on block group 0:
Group 0: (Blocks 0-32767) [ITABLE_ZEROED]
Checksum 0x7550, unused inodes 0
Primary superblock at 0, Group descriptors at 1-1
....
(from the dumpe2fs output)
But the filesystems created by make_ext4fs do not:
Group 0: (Blocks 0-32767) csum 0xa30d
Primary superblock at 0, Group descriptors at 1-1
...
Even running "fsck.ext4 -f" on the filesystem does not cause this bit to be set - it's only set on initial allocation, and when the filesystem is expanded.
Looks like we need some sort of fix in make_ext4fs to properly maintain this bit on all block groups of the ext4 filesystem that it creates. (I don't know if it's safe to just set it, or if we're supposed to do something explicit during allocation before setting this bit, but the kernel now requires this bit to mount the filesystem read-write.)
The reason popping the card into Ubuntu and popping it back out works is that it probably massages the filesystem on the card.
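
An added example, not part of the original post and not code from the kernel or make_ext4fs: a check that reads a raw image and reports whether block group 0 meets the conditions named in the commit message above. Field offsets and flag values are from the ext4 on-disk format; `check_group0`, `make_image` and the two sample images are constructed for illustration.

```python
import struct

# Offsets and flag values below are from the ext4 on-disk format.
EXT4_MAGIC = 0xEF53
RO_COMPAT_GDT_CSUM = 0x0010       # uninit_bg
RO_COMPAT_METADATA_CSUM = 0x0400  # metadata_csum
BG_INODE_UNINIT, BG_BLOCK_UNINIT, BG_INODE_ZEROED = 0x1, 0x2, 0x4


def check_group0(image):
    """Return a list of findings for block group 0 (empty list: nothing to report)."""
    sb = image[1024:2048]  # the primary superblock always starts at byte 1024
    if len(sb) < 1024 or struct.unpack_from("<H", sb, 0x38)[0] != EXT4_MAGIC:
        raise ValueError("no ext2/3/4 superblock found")
    first_data_block, log_block_size = struct.unpack_from("<II", sb, 0x14)
    if log_block_size > 6:  # block sizes above 64 KiB are not valid
        raise ValueError("implausible s_log_block_size")
    ro_compat = struct.unpack_from("<I", sb, 0x64)[0]
    if not ro_compat & (RO_COMPAT_GDT_CSUM | RO_COMPAT_METADATA_CSUM):
        return []  # bg_flags is only valid with uninit_bg or metadata_csum
    # The descriptor table starts in the block after the superblock's block.
    gdt = (first_data_block + 1) * (1024 << log_block_size)
    if len(image) < gdt + 0x14:
        raise ValueError("image too short to hold group descriptor 0")
    bg_flags = struct.unpack_from("<H", image, gdt + 0x12)[0]
    findings = []
    if not bg_flags & BG_INODE_ZEROED:
        findings.append("group 0: ITABLE_ZEROED not set")
    if bg_flags & BG_BLOCK_UNINIT:
        findings.append("group 0: block bitmap marked uninitialized")
    if bg_flags & BG_INODE_UNINIT:
        findings.append("group 0: inode bitmap marked uninitialized")
    return findings


def make_image(ro_compat, bg_flags, log_block_size=2):
    """Constructed sample image: only the fields the check reads are filled in."""
    block_size = 1024 << log_block_size
    first_data_block = 1 if block_size == 1024 else 0
    img = bytearray(block_size * (first_data_block + 2))
    struct.pack_into("<II", img, 1024 + 0x14, first_data_block, log_block_size)
    struct.pack_into("<H", img, 1024 + 0x38, EXT4_MAGIC)
    struct.pack_into("<I", img, 1024 + 0x64, ro_compat)
    struct.pack_into("<H", img, (first_data_block + 1) * block_size + 0x12, bg_flags)
    return bytes(img)


if __name__ == "__main__":
    for name, flags in (("normal", BG_INODE_ZEROED), ("make_ext4fs-like", 0)):
        print(name, check_group0(make_image(RO_COMPAT_GDT_CSUM, flags)) or "ok")
```

To run it on a real image, pass enough of the file to cover the first two filesystem blocks, read in binary mode.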