Received: by 2002:a05:6358:4e97:b0:b3:742d:4702 with SMTP id ce23csp2887383rwb;
        Mon, 15 Aug 2022 13:20:22 -0700 (PDT)
X-Google-Smtp-Source: AA6agR6GfQbXX26jb+goS/aX7TA72TJ9Kl13mJurESjf/pVYaolajg2dGLOKjPAPbBmA2OpurK4t
X-Received: by 2002:a05:6402:254a:b0:43d:a634:a0ab with SMTP id l10-20020a056402254a00b0043da634a0abmr15994259edb.298.1660594821756;
        Mon, 15 Aug 2022 13:20:21 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1660594821; cv=none;
        d=google.com; s=arc-20160816;
        b=qEjOClixBq3zu7olKtalxLKqrRSccpBEEUUigqVqezXNFounrsHXb9E9Zia767PdOP
         Nok4VQo/+qdUwn0tiL/3HqJYaLP2FJNJu6cn4IKEOdsn8YbCLqjPGRLM/KZLtAY7ymzR
         r9jaLtWdlIIsqYeBwSlcaLYjlxII6fTFztbIDu8wsjsUle4fVOP2L2M9OrCjq08Rd31R
         JXzY4NUHKqmrlCl0zv83LgPA86xw5ZiHzMGzaBoFH0+o3euns2b80K2FNFcPxyU5jTsX
         K3jVkrfK4E3cbx3skWNamDBLulOELtpKAiuc0Zzc7qY96TiewEctJBB3nwRviJhXjD1I
         bsGg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :user-agent:references:in-reply-to:message-id:date:subject:cc:to
         :from:dkim-signature;
        bh=YreRMMxpWy8O9E57zbgW438vfZ78P8BAbE5eING/Eys=;
        b=AQSwuXYlyQvZh+9jJ15KsLrYpwi4GDG32dJcWe6yjzucTwPmxn16pb0mYfjv6jcdUl
         JP/lRBKyTtROpKfvFeuM9wvdRGCXdQS698YNInBLox9Ho8bI4DqNeSt3wz3GIXd+HZ9w
         88Xy4iSXcZRMfRMv68BmWu1HjA5SJji1EXyvyC5H7649ocPZ00eS2v8bqGfTedAm0hd/
         WJRAEjmHg6TXtlHcwWy04qxzzt1+qwm/sbHtpxL+pRXySrJFQ5fbJ8y9Mj86b1imEtU/
         JN8Y/U82Sw5reSTDm2KlqOkqyUKcRl4EFIMdvVreK4EYAHDODgBKvjPa9ssNJAflwIX1
         iyWQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=VOeAfSwW;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id t12-20020a056402524c00b0043a6e796231si9818426edd.544.2022.08.15.13.19.55;
        Mon, 15 Aug 2022 13:20:21 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=VOeAfSwW;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S243761AbiHOT52 (ORCPT <rfc822;andrey.bzh.r@gmail.com>
        + 99 others); Mon, 15 Aug 2022 15:57:28 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42714 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1345509AbiHOTxv (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 15 Aug 2022 15:53:51 -0400
Received: from ams.source.kernel.org (ams.source.kernel.org [145.40.68.75])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BF4733DBE2;
        Mon, 15 Aug 2022 11:51:55 -0700 (PDT)
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by ams.source.kernel.org (Postfix) with ESMTPS id 79974B810A1;
        Mon, 15 Aug 2022 18:51:54 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id DACD8C433C1;
        Mon, 15 Aug 2022 18:51:52 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org;
        s=korg; t=1660589513;
        bh=jc2ts41zMqojvvjdU1jX3aRBnALxG3ccpzWTrixxG9g=;
        h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
        b=VOeAfSwWlnrabIb4fAscYEyYIRTcIP3cwZOJyBasPIDwTd5D/nKP9RhzNS2jHHkRB
         Epv3WiO4tE28WZq99xLlJDRV7DXfGFdckVWFumonmSVh23Z2Zzo0Yd6edsVzYBC7fk
         eBYQL0kX3/9P5zigNb+0CPF7rd5PI6wvxUi5JklE=
From:   Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To:     linux-kernel@vger.kernel.org
Cc:     Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        stable@vger.kernel.org, stable@kernel.org,
        Ye Bin <yebin10@huawei.com>, Eric Whitney <enwlinux@gmail.com>,
        Theodore Tso <tytso@mit.edu>, Sasha Levin <sashal@kernel.org>
Subject: [PATCH 5.15 742/779] ext4: fix extent status tree race in writeback error recovery path
Date:   Mon, 15 Aug 2022 20:06:26 +0200
Message-Id: <20220815180409.173312722@linuxfoundation.org>
X-Mailer: git-send-email 2.37.2
In-Reply-To: <20220815180337.130757997@linuxfoundation.org>
References: <20220815180337.130757997@linuxfoundation.org>
User-Agent: quilt/0.67
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-7.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI,
        SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham
        autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Eric Whitney <enwlinux@gmail.com>

[ Upstream commit 7f0d8e1d607c1a4fa9a27362a108921d82230874 ]

A race can occur in the unlikely event ext4 is unable to allocate a
physical cluster for a delayed allocation in a bigalloc file system
during writeback.  Failure to allocate a cluster forces error recovery
that includes a call to mpage_release_unused_pages().  That function
removes any corresponding delayed allocated blocks from the extent
status tree.  If a new delayed write is in progress on the same cluster
simultaneously, resulting in the addition of an new extent containing
one or more blocks in that cluster to the extent status tree, delayed
block accounting can be thrown off if that delayed write then encounters
a similar cluster allocation failure during future writeback.

Write lock the i_data_sem in mpage_release_unused_pages() to fix this
problem.  Ext4's block/cluster accounting code for bigalloc relies on
i_data_sem for mutual exclusion, as is found in the delayed write path,
and the locking in mpage_release_unused_pages() is missing.

Cc: stable@kernel.org
Reported-by: Ye Bin <yebin10@huawei.com>
Signed-off-by: Eric Whitney <enwlinux@gmail.com>
Link: https://lore.kernel.org/r/20220615160530.1928801-1-enwlinux@gmail.com
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
 fs/ext4/inode.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c
index f0350d60ba50..149377c849ee 100644
--- a/fs/ext4/inode.c
+++ b/fs/ext4/inode.c
@@ -1560,7 +1560,14 @@ static void mpage_release_unused_pages(struct mpage_da_data *mpd,
 		ext4_lblk_t start, last;
 		start = index << (PAGE_SHIFT - inode->i_blkbits);
 		last = end << (PAGE_SHIFT - inode->i_blkbits);
+
+		/*
+		 * avoid racing with extent status tree scans made by
+		 * ext4_insert_delayed_block()
+		 */
+		down_write(&EXT4_I(inode)->i_data_sem);
 		ext4_es_remove_extent(inode, start, last - start + 1);
+		up_write(&EXT4_I(inode)->i_data_sem);
 	}
 
 	pagevec_init(&pvec);
-- 
2.35.1