Received: by 2002:a25:6193:0:0:0:0:0 with SMTP id v141csp3242951ybb; Sun, 22 Mar 2020 19:21:12 -0700 (PDT) X-Google-Smtp-Source: ADFU+vt6P0Uq0u1LVcj7s7NlYsRZHZkvCnsdhckZkLtkH1YHesfgxmAePml8lzkGzi6ZcgaMVOhx X-Received: by 2002:aca:ea05:: with SMTP id i5mr16027138oih.162.1584930072060; Sun, 22 Mar 2020 19:21:12 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1584930072; cv=none; d=google.com; s=arc-20160816; b=E3ZnwcrnyC/4mHPGFE3YwSwNcZ8IRiPl+Sq0o3O93kQ7WpUcoQ+WgPV4Ha8TNjfiDM fPnLzfeFvbxFZtlzKAPgq/nanN2N3SjxT+m/E1LHztaUDd6fo9g2cW01bhPNmTQzFfxG 7V/JQnqJcDN09XMaBy525fKPggKVfnsmrVdQ36w6cKc4CO+2BxnejUCxUdI8nCLkvRhQ jnVd+NzQ3qGHbI6wZaTaUQ1TbrKCDkH6YJfcg1afHQ0mH3wPMUpcP58qv0VscsX9Rtvu ARDLgUXsunwrdNUxTCdRZoMmUZxV+t0dH51saNtokFzbni2ugX0MTpSVcXDZ06WNjYEF Z+rA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject; bh=IouGyhXTXo6fC9yxEITMkWHL7dwiI0Rbr68GSROdLVs=; b=wyWZzCLRQ+ZFhn7of+J+9QPWkwnfUDtrsGjaDSj+ylwzpSIBcnRhnam7cX88Oux1eJ 2zwQUFIB9aUSNtm88KzR4f4APBYhU1oG/MdfcTq6cULqELjuVEGvVkoE8vl/3Rl3FgdH XDhb0cNyJ9UAcSH3MB667lemWDB9wLclgcPsem4N3cw4EGdsozTDAsG/GO/u3f/EgD40 xA7x5pcDb8ZJjusRKrpJJlJFZT59tH/hly6CYOUnQlwc5x/qRvkZA20KDwiXDJFnPkAI offKWI6anqBYSEH2tj6kLMJLiDNlFdETSwA6gjbxx4+o7gjnhCiM+jggCORYgWXhKj0C HrEw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id i19si7086000otp.177.2020.03.22.19.20.59; Sun, 22 Mar 2020 19:21:12 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727059AbgCWCTz (ORCPT + 99 others); Sun, 22 Mar 2020 22:19:55 -0400 Received: from szxga06-in.huawei.com ([45.249.212.32]:57082 "EHLO huawei.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1726954AbgCWCTz (ORCPT ); Sun, 22 Mar 2020 22:19:55 -0400 Received: from DGGEMS402-HUB.china.huawei.com (unknown [172.30.72.59]) by Forcepoint Email with ESMTP id 725CCD8523A1F9EF112E; Mon, 23 Mar 2020 10:19:50 +0800 (CST) Received: from [10.134.22.195] (10.134.22.195) by smtp.huawei.com (10.3.19.202) with Microsoft SMTP Server (TLS) id 14.3.487.0; Mon, 23 Mar 2020 10:19:44 +0800 Subject: Re: [PATCH v3] f2fs: fix potential .flags overflow on 32bit architecture To: Joe Perches , CC: , , References: <20200323012519.41536-1-yuchao0@huawei.com> From: Chao Yu Message-ID: <68bc1967-8772-d04a-1209-d919bf122f9f@huawei.com> Date: Mon, 23 Mar 2020 10:19:44 +0800 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset="UTF-8" Content-Language: en-US Content-Transfer-Encoding: 8bit X-Originating-IP: [10.134.22.195] X-CFilter-Loop: Reflected Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 2020/3/23 10:00, Joe Perches wrote: > On Mon, 2020-03-23 at 09:25 +0800, Chao Yu wrote: >> f2fs_inode_info.flags is unsigned long variable, it has 32 bits >> in 32bit architecture, since we introduced FI_MMAP_FILE flag >> when we support data compression, we may access memory cross >> the border of .flags field, corrupting .i_sem field, result in >> below deadlock. >> >> To fix this issue, let's expand .flags as an array to grab enough >> space to store new flags. > [] >> diff --git a/fs/f2fs/f2fs.h b/fs/f2fs/f2fs.h > [] >> @@ -2586,22 +2590,28 @@ static inline void __mark_inode_dirty_flag(struct inode *inode, >> } >> } >> >> +static inline void __set_inode_flag(struct inode *inode, int flag) >> +{ >> + test_and_set_bit(flag % BITS_PER_LONG, >> + &F2FS_I(inode)->flags[BIT_WORD(flag)]); > > I believe this should just use > > test_and_set_bit(flag, F2FS_I(inode)->flags); > >> static inline int is_inode_flag_set(struct inode *inode, int flag) >> { >> - return test_bit(flag, &F2FS_I(inode)->flags); >> + return test_bit(flag % BITS_PER_LONG, >> + &F2FS_I(inode)->flags[BIT_WORD(flag)]); > > here too. > > test_bit(flag, F2FS_I(inode)->flags); > >> static inline void clear_inode_flag(struct inode *inode, int flag) >> { >> - if (test_bit(flag, &F2FS_I(inode)->flags)) >> - clear_bit(flag, &F2FS_I(inode)->flags); >> + test_and_clear_bit(flag % BITS_PER_LONG, >> + &F2FS_I(inode)->flags[BIT_WORD(flag)]); > > and here. My bad, Ondřej Jirman also reminded me this issue, will fix this soon. Thanks, > > I also don't know why these functions are used at all. > > > . >