Received: by 2002:a05:6500:1b41:b0:1fb:d597:ff75 with SMTP id cz1csp140258lqb; Tue, 4 Jun 2024 07:22:15 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCUhR3dyBbvPFALrEg5NOr4B49C5cHF5dBO6jaCDzKdl7qBhngmb/4GcWK0yNV/4atKVdMR66l1J+6x2pIvZY0Al1mMonybtnRwDvgbKZg== X-Google-Smtp-Source: AGHT+IEHSXuWROytg8LR+1YCttTVCO07GAvXvIH/wlPOCzY1Yc6/TcKciCl4MLmQQ2+uqD1YPkBa X-Received: by 2002:a17:90a:e657:b0:2bf:c2e4:fc36 with SMTP id 98e67ed59e1d1-2c1dc5de12emr10195360a91.45.1717510935581; Tue, 04 Jun 2024 07:22:15 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1717510935; cv=pass; d=google.com; s=arc-20160816; b=djcNkrevunKtIEJFJFmzriDWuyzLNSE5B0qInun2yHe6J4ZGM8rmcGh9helZuq8qwn AyMPfA9NKDdKRoh8dHPj12ohx128eHgcmteT363GgJbXt6Yh4+ICvxSBBW6FRCE9fdT1 XHx5x3X77auPcRGlpN26Y3BtP4iuYM1YQPRQlnwKZxmDeENkXrCUayqaKHZOghGdwpaU SAJ/82GoO99W9ks33SuG5yivaagVOa+KvjHus6rOURrvxupvrxBmjfiSuIpj9zSjwahY 5DU7B7R+jaWFNRxTe8rZGDYbg5h8r9Nk2dKG/ExGv4aWSc4hjMthr7EIPogGiUAU9eFv msuA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:message-id :date:subject:cc:to:from:dkim-signature; bh=rj3ma7MoGTsKwEShYWgennrGInTihdBJ4l4EKp81zZk=; fh=iY1KurKI1tCjPTo2axD4vtG2eCOx2kyn2rzBF7PxaAo=; b=FqDnc6hf7IJHlmlBetqCXPQQwAzJ9K4DfC0POkKcWpMBnTd3NSmZ0k8ZybVUVNeQO/ tMqoekj7cBGD6K8bh2uCHH06p/awq5lyUwHXNpk+eC8CWKxZ1GjYf9IzYstd1vhBYcpb eJXPl62G+vl2TgbqfJtuQCGDBoXlB4wuaD/TOLmrw/IdzY0fmpccjSQlw4VoTGFEeg0K oPgraCN9X5R3Weoh1yaJsi/GvDKbYjDgM+YQ+HJKoEQDPGptxHvGaWBOWfumw1weKDRk 2OOxeYowRqKHi6uGQgSXFnJ22y7jmvJOsistjmBrachunLO04d2pHa2NMvqULFtMHRWq Yz9w==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@gmail.com header.s=20230601 header.b=D4QzNjO9; arc=pass (i=1 spf=pass spfdomain=gmail.com dkim=pass dkdomain=gmail.com dmarc=pass fromdomain=gmail.com); spf=pass (google.com: domain of linux-kernel+bounces-200731-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-200731-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [2604:1380:40f1:3f00::1]) by mx.google.com with ESMTPS id 98e67ed59e1d1-2c1c28521ecsi557508a91.190.2024.06.04.07.22.15 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Jun 2024 07:22:15 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-200731-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) client-ip=2604:1380:40f1:3f00::1; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20230601 header.b=D4QzNjO9; arc=pass (i=1 spf=pass spfdomain=gmail.com dkim=pass dkdomain=gmail.com dmarc=pass fromdomain=gmail.com); spf=pass (google.com: domain of linux-kernel+bounces-200731-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-200731-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sy.mirrors.kernel.org (Postfix) with ESMTPS id 731CCB28001 for ; Tue, 4 Jun 2024 13:43:25 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id E97AA1474BD; Tue, 4 Jun 2024 13:42:06 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="D4QzNjO9" Received: from mail-pf1-f181.google.com (mail-pf1-f181.google.com [209.85.210.181]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D4738146013; Tue, 4 Jun 2024 13:42:04 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.181 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1717508526; cv=none; b=Xj234ak+oI4rKRbHYGiZvkoI5rgc69OwGtPp/YFDoh6GbuL8PCmRzwimIyjm4OWMR8YqyyMPC5IElXVhripBVYbHTYlTKOcwRN0LNDdzI90B+XXftFMxWUbE45zS0uFSbWc+Y62O1Xa4nHeTGHw2yKDA0pXowaiLpWeji8+UPAU= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1717508526; c=relaxed/simple; bh=NpiGOU/wc8bprEs+G3H4btUN0UKgYT+8jImA/+loXlU=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=gw7bQMSXRBoRXtSzUV2Owr0GcvFt8xa4/pi6K7UMkI6Xz49bouG4uWV0MyJIv8QqbaQYcZh7QQjOxjtmtHcvz8vwgcqrA4R6SN1lUUmlOin9duMEt7FHABSaKVlHvls9NSo7pJHQQHV1Va+WJrfPxKQqLkcuzpNjjxWExjRXlng= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=D4QzNjO9; arc=none smtp.client-ip=209.85.210.181 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Received: by mail-pf1-f181.google.com with SMTP id d2e1a72fcca58-701b0b0be38so4935696b3a.0; Tue, 04 Jun 2024 06:42:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1717508524; x=1718113324; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=rj3ma7MoGTsKwEShYWgennrGInTihdBJ4l4EKp81zZk=; b=D4QzNjO9eS9aFctXGeeUgrQUspWyzIX8aTmS/wkvNfHWNh9LKqPK988HmUf+3v+2Wo 2x31lpdgLVCtIIluEyUhCmhQ3dS53EZSOy5B0WX31FF3iljAejYKe1Ulq5C6MQne78Ed pf8QdIuARSyMY6UXnJsQYX8IpRsvPwqgI0LsSVOGFSgdWHSQbBXJQ7oDOu/BZBsf48A8 RBkmhDyhhoySeVzNdcmJ4wjz6xZzW19JUBbQ8dSd9ufePcPGPsXf2sHZhcjPXDbix3On UqEDZ8axMkNGXkb84ybx+pu0y1A8J32iWOQ/gjFM3r6F2oJxn8MEZDU768fLscauRYqq GhxA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1717508524; x=1718113324; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=rj3ma7MoGTsKwEShYWgennrGInTihdBJ4l4EKp81zZk=; b=nuUvY63IHhmFIu97NZJoOhD0VQq5zG/Fge1RjoZWCdvh7tHNucUj6nUdbN3/bVzYo+ zt9UyPtB16os8thPywruwsrcm+/qZqvhz1hcc8NgDxpwUGyDtR/Z8YmcMaJ9uP+ZWzwx qt8KYc9bmtG9EGZurqMCHyHVofU1bwlnATDMmbvUUklC0Xyp4QngvSRhReXzhV3Jt6Cy L+gktN5Pm1FEEI4sSGWPYO0YuzoNhW9DPtKTXl1i15zdB4woAYvVm7NSrBMP2ZDh5G7T vInyUbDcwlybTMWfVJAf+mI76QRmcZJG4NHCc6/VJlrJ1uci/hVb7EjcwGSpbP+peSlG a2HQ== X-Forwarded-Encrypted: i=1; AJvYcCWICCZyDfJkb+8qBtEITi712wdygJPEQk16Xr3LQvGhk75OBr9wU6PcvcnGuCD5whzWz8HnIAdC2O8FsbtMoco+Xzx9lhM+0NYu+MXh X-Gm-Message-State: AOJu0YzMEufDpOZxXUuoIrv5XDo+/8l5xJRjTwFCIcygAv2fxrbXjOBI BbSgitmPDy+Vq09DtJQ1vZ5pnXpGJ+MQC9xJxsiOgUg3net75J+6IwyxOw== X-Received: by 2002:a05:6a20:9187:b0:1b2:2893:4c30 with SMTP id adf61e73a8af0-1b26f2cc0efmr13513674637.43.1717508523859; Tue, 04 Jun 2024 06:42:03 -0700 (PDT) Received: from carrot.. (i223-217-95-32.s42.a014.ap.plala.or.jp. [223.217.95.32]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-1f6323f6dadsm82903925ad.221.2024.06.04.06.42.01 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 04 Jun 2024 06:42:03 -0700 (PDT) From: Ryusuke Konishi To: Andrew Morton Cc: linux-nilfs@vger.kernel.org, syzbot , syzkaller-bugs@googlegroups.com, linux-kernel@vger.kernel.org Subject: [PATCH] nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors Date: Tue, 4 Jun 2024 22:42:55 +0900 Message-Id: <20240604134255.7165-1-konishi.ryusuke@gmail.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <00000000000020f6700619e765c8@google.com> References: <00000000000020f6700619e765c8@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit The error handling in nilfs_empty_dir() when a directory folio/page read fails is incorrect, as in the old ext2 implementation, and if the folio/page cannot be read or nilfs_check_folio() fails, it will falsely determine the directory as empty and corrupt the file system. In addition, since nilfs_empty_dir() does not immediately return on a failed folio/page read, but continues to loop, this can cause a long loop with I/O if i_size of the directory's inode is also corrupted, causing the log writer thread to wait and hang, as reported by syzbot. Fix these issues by making nilfs_empty_dir() immediately return a false value (0) if it fails to get a directory folio/page. Signed-off-by: Ryusuke Konishi Reported-by: syzbot+c8166c541d3971bf6c87@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=c8166c541d3971bf6c87 Fixes: 2ba466d74ed7 ("nilfs2: directory entry operations") Tested-by: Ryusuke Konishi Cc: stable@vger.kernel.org --- Hi Andrew, please apply this as a bug fix. This fixes a bug in the empty directory function and the resulting hang issue reported by syzbot. Thanks, Ryusuke Konishi fs/nilfs2/dir.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/nilfs2/dir.c b/fs/nilfs2/dir.c index a002a44ff161..52e50b1b7f22 100644 --- a/fs/nilfs2/dir.c +++ b/fs/nilfs2/dir.c @@ -607,7 +607,7 @@ int nilfs_empty_dir(struct inode *inode) kaddr = nilfs_get_folio(inode, i, &folio); if (IS_ERR(kaddr)) - continue; + return 0; de = (struct nilfs_dir_entry *)kaddr; kaddr += nilfs_last_byte(inode, i) - NILFS_DIR_REC_LEN(1); -- 2.34.1