Received: by 2002:ac0:a582:0:0:0:0:0 with SMTP id m2-v6csp2256986imm; Thu, 18 Oct 2018 11:31:06 -0700 (PDT) X-Google-Smtp-Source: ACcGV61KU6s9+MZsJ4lNOiSrNxzGB5MqvaaOhh3vMbGTu1rT6q7p988+Gx5euQtioszjC552ig4g X-Received: by 2002:a63:ac56:: with SMTP id z22-v6mr29714216pgn.444.1539887466490; Thu, 18 Oct 2018 11:31:06 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1539887466; cv=none; d=google.com; s=arc-20160816; b=stSbzKFM+mPuMUWtf/Z/JG1p9dIqPq+swxi4uylxvOni+AUwtNL06bnPqOoETG0Uoe DcFBP42ks43NoZ+O4mkXR64IMr9bJXOS5qNVe4B8tGI+JYEP8PhRTDv2uXuG4mUqvpS8 1nSV8bzJOAJWS/ki1I7+8XrWbvGQHK2D5sU3WjV2Fk/NuHVItI0yTFKvJadZ14P/4eJe T5c2Q427vEZARScF1jvF8Apl6dAASGy0si3AQ/l7i92uk8Jp3hqQdh98mN2Dwv9NCUDy sj7kjSa3R3dWIfBj7/ZsicbOwbz8WkMTdMdr6kEgETTbHSqC5Q0tjY09o6adIviWRJpG G9Fg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=gp30f8fJ7nGQ3tuIAjReEsgqteQqHyChJ4JQSrEmmpg=; b=rEjlTZZlhoAb3GFlnI/wF9pH3jWixRBKNieKzyw4qbBk9V3XhFIbocyQTGki25E9ZK 6rTroNu4dj1O6h1a40IeAIfvs+oDkmJ0aPm1NTgSeTtyIijHuZawxB0OW6FXNGm3Rvsw Sm0w6b7+iuykDFWz6UteEZ81wXMdTF/tg8QcknlUHlM/ltVwdEJ96RJeNLs+5gblarqX djoQgMlcEoLuC9CkjFQLNWNK3lHoZ0jAFM1Pmn1ao6tYokuhY+oBAihRmlTY6CS+7cg+ SJR4XwSmo/ITqZd0lSgU2rnidrcyQ3s6JpqavdKwfjEhn+MoLPtgKKLwsDXOJRqnKNE5 0QiA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=Xhxz5Cvz; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id c6-v6si14462335pll.160.2018.10.18.11.30.50; Thu, 18 Oct 2018 11:31:06 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=Xhxz5Cvz; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729468AbeJSCGR (ORCPT + 99 others); Thu, 18 Oct 2018 22:06:17 -0400 Received: from mail.kernel.org ([198.145.29.99]:54586 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728416AbeJSCGQ (ORCPT ); Thu, 18 Oct 2018 22:06:16 -0400 Received: from localhost (ip-213-127-77-176.ip.prioritytelecom.net [213.127.77.176]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 65834214AB; Thu, 18 Oct 2018 18:04:08 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1539885849; bh=DqP2wE70HFsIGnPUzSE3MOS6o+iP8EUTH+xEztnwlBo=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=Xhxz5CvzYsQgDPoTTU7wKSnuglF1+VWufhLGb8TAUKxtSZhTk+gF6MMlQmhWxYLo7 nJsKdCOzh4/JrkdmVZ2iXdFWcKbBWuBKNP6UOeklEEmTh6nt+NXIcyoRrmsyoMctTY YC/OE7fqnfbTzHwcpl7VfS6Z46n9o6Upn2pFCBQQ= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Theodore Tso , stable@kernel.org, Chenbo Feng Subject: [PATCH 4.9 34/35] ext4: avoid running out of journal credits when appending to an inline file Date: Thu, 18 Oct 2018 19:55:03 +0200 Message-Id: <20181018175427.528209473@linuxfoundation.org> X-Mailer: git-send-email 2.19.1 In-Reply-To: <20181018175422.506152522@linuxfoundation.org> References: <20181018175422.506152522@linuxfoundation.org> User-Agent: quilt/0.65 X-stable: review MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 4.9-stable review patch. If anyone has any objections, please let me know. ------------------ From: Theodore Ts'o commit 8bc1379b82b8e809eef77a9fedbb75c6c297be19 upstream. Use a separate journal transaction if it turns out that we need to convert an inline file to use an data block. Otherwise we could end up failing due to not having journal credits. This addresses CVE-2018-10883. https://bugzilla.kernel.org/show_bug.cgi?id=200071 Signed-off-by: Theodore Ts'o Cc: stable@kernel.org [fengc@google.com: 4.4 and 4.9 backport: adjust context] Signed-off-by: Chenbo Feng Signed-off-by: Greg Kroah-Hartman --- fs/ext4/ext4.h | 3 --- fs/ext4/inline.c | 38 +------------------------------------- fs/ext4/xattr.c | 18 ++---------------- 3 files changed, 3 insertions(+), 56 deletions(-) --- a/fs/ext4/ext4.h +++ b/fs/ext4/ext4.h @@ -3038,9 +3038,6 @@ extern struct buffer_head *ext4_get_firs extern int ext4_inline_data_fiemap(struct inode *inode, struct fiemap_extent_info *fieinfo, int *has_inline, __u64 start, __u64 len); -extern int ext4_try_to_evict_inline_data(handle_t *handle, - struct inode *inode, - int needed); extern void ext4_inline_data_truncate(struct inode *inode, int *has_inline); extern int ext4_convert_inline_data(struct inode *inode); --- a/fs/ext4/inline.c +++ b/fs/ext4/inline.c @@ -889,11 +889,11 @@ retry_journal: flags |= AOP_FLAG_NOFS; if (ret == -ENOSPC) { + ext4_journal_stop(handle); ret = ext4_da_convert_inline_data_to_extent(mapping, inode, flags, fsdata); - ext4_journal_stop(handle); if (ret == -ENOSPC && ext4_should_retry_alloc(inode->i_sb, &retries)) goto retry_journal; @@ -1865,42 +1865,6 @@ out: return (error < 0 ? error : 0); } -/* - * Called during xattr set, and if we can sparse space 'needed', - * just create the extent tree evict the data to the outer block. - * - * We use jbd2 instead of page cache to move data to the 1st block - * so that the whole transaction can be committed as a whole and - * the data isn't lost because of the delayed page cache write. - */ -int ext4_try_to_evict_inline_data(handle_t *handle, - struct inode *inode, - int needed) -{ - int error; - struct ext4_xattr_entry *entry; - struct ext4_inode *raw_inode; - struct ext4_iloc iloc; - - error = ext4_get_inode_loc(inode, &iloc); - if (error) - return error; - - raw_inode = ext4_raw_inode(&iloc); - entry = (struct ext4_xattr_entry *)((void *)raw_inode + - EXT4_I(inode)->i_inline_off); - if (EXT4_XATTR_LEN(entry->e_name_len) + - EXT4_XATTR_SIZE(le32_to_cpu(entry->e_value_size)) < needed) { - error = -ENOSPC; - goto out; - } - - error = ext4_convert_inline_data_nolock(handle, inode, &iloc); -out: - brelse(iloc.bh); - return error; -} - void ext4_inline_data_truncate(struct inode *inode, int *has_inline) { handle_t *handle; --- a/fs/ext4/xattr.c +++ b/fs/ext4/xattr.c @@ -1086,22 +1086,8 @@ int ext4_xattr_ibody_inline_set(handle_t if (EXT4_I(inode)->i_extra_isize == 0) return -ENOSPC; error = ext4_xattr_set_entry(i, s, inode); - if (error) { - if (error == -ENOSPC && - ext4_has_inline_data(inode)) { - error = ext4_try_to_evict_inline_data(handle, inode, - EXT4_XATTR_LEN(strlen(i->name) + - EXT4_XATTR_SIZE(i->value_len))); - if (error) - return error; - error = ext4_xattr_ibody_find(inode, i, is); - if (error) - return error; - error = ext4_xattr_set_entry(i, s, inode); - } - if (error) - return error; - } + if (error) + return error; header = IHDR(inode, ext4_raw_inode(&is->iloc)); if (!IS_LAST_ENTRY(s->first)) { header->h_magic = cpu_to_le32(EXT4_XATTR_MAGIC);