2024-02-29 06:10:31

by Ritesh Harjani

[permalink] [raw]
Subject: [PATCH 1/2] ext4: Fixes len calculation in mpage_journal_page_buffers

Truncate operation can race with writeback, in which inode->i_size can get
truncated and therefore size - folio_pos() can be negative. This fixes the
len calculation. However this path doesn't get easily triggered even
with data journaling.

Cc: <[email protected]> # v6.5
Fixes: 80be8c5cc925 ("Fixes: ext4: Make mpage_journal_page_buffers use folio")
Signed-off-by: Ritesh Harjani (IBM) <[email protected]>
---
fs/ext4/inode.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c
index 537803250ca9..bab9223d94ac 100644
--- a/fs/ext4/inode.c
+++ b/fs/ext4/inode.c
@@ -2334,7 +2334,7 @@ static int mpage_journal_page_buffers(handle_t *handle,

if (folio_pos(folio) + len > size &&
!ext4_verity_in_progress(inode))
- len = size - folio_pos(folio);
+ len = size & (len - 1);

return ext4_journal_folio_buffers(handle, folio, len);
}
--
2.39.2



2024-02-29 06:10:34

by Ritesh Harjani

[permalink] [raw]
Subject: [PATCH 2/2] ext4: Remove PAGE_MASK dependency on mpage_submit_folio

This patch simply removes the PAGE_MASK dependency since
mpage_submit_folio() is already converted to work with folio.

Signed-off-by: Ritesh Harjani (IBM) <[email protected]>
---
fs/ext4/inode.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c
index bab9223d94ac..e8b0773e5d2d 100644
--- a/fs/ext4/inode.c
+++ b/fs/ext4/inode.c
@@ -1865,7 +1865,7 @@ static int mpage_submit_folio(struct mpage_da_data *mpd, struct folio *folio)
len = folio_size(folio);
if (folio_pos(folio) + len > size &&
!ext4_verity_in_progress(mpd->inode))
- len = size & ~PAGE_MASK;
+ len = size & (len - 1);
err = ext4_bio_write_folio(&mpd->io_submit, folio, len);
if (!err)
mpd->wbc->nr_to_write--;
--
2.39.2


2024-03-11 18:54:33

by Jan Kara

[permalink] [raw]
Subject: Re: [PATCH 2/2] ext4: Remove PAGE_MASK dependency on mpage_submit_folio

On Thu 29-02-24 11:40:14, Ritesh Harjani (IBM) wrote:
> This patch simply removes the PAGE_MASK dependency since
> mpage_submit_folio() is already converted to work with folio.
>
> Signed-off-by: Ritesh Harjani (IBM) <[email protected]>

Looks good. Feel free to add:

Reviewed-by: Jan Kara <[email protected]>

Honza

> ---
> fs/ext4/inode.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c
> index bab9223d94ac..e8b0773e5d2d 100644
> --- a/fs/ext4/inode.c
> +++ b/fs/ext4/inode.c
> @@ -1865,7 +1865,7 @@ static int mpage_submit_folio(struct mpage_da_data *mpd, struct folio *folio)
> len = folio_size(folio);
> if (folio_pos(folio) + len > size &&
> !ext4_verity_in_progress(mpd->inode))
> - len = size & ~PAGE_MASK;
> + len = size & (len - 1);
> err = ext4_bio_write_folio(&mpd->io_submit, folio, len);
> if (!err)
> mpd->wbc->nr_to_write--;
> --
> 2.39.2
>
--
Jan Kara <[email protected]>
SUSE Labs, CR

2024-03-11 19:02:30

by Jan Kara

[permalink] [raw]
Subject: Re: [PATCH 1/2] ext4: Fixes len calculation in mpage_journal_page_buffers

On Thu 29-02-24 11:40:13, Ritesh Harjani (IBM) wrote:
> Truncate operation can race with writeback, in which inode->i_size can get
> truncated and therefore size - folio_pos() can be negative. This fixes the
> len calculation. However this path doesn't get easily triggered even
> with data journaling.
>
> Cc: <[email protected]> # v6.5
> Fixes: 80be8c5cc925 ("Fixes: ext4: Make mpage_journal_page_buffers use folio")
> Signed-off-by: Ritesh Harjani (IBM) <[email protected]>

Looks good. Feel free to add:

Reviewed-by: Jan Kara <[email protected]>

Honza

> ---
> fs/ext4/inode.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c
> index 537803250ca9..bab9223d94ac 100644
> --- a/fs/ext4/inode.c
> +++ b/fs/ext4/inode.c
> @@ -2334,7 +2334,7 @@ static int mpage_journal_page_buffers(handle_t *handle,
>
> if (folio_pos(folio) + len > size &&
> !ext4_verity_in_progress(inode))
> - len = size - folio_pos(folio);
> + len = size & (len - 1);
>
> return ext4_journal_folio_buffers(handle, folio, len);
> }
> --
> 2.39.2
>
--
Jan Kara <[email protected]>
SUSE Labs, CR

2024-05-02 15:02:32

by Theodore Ts'o

[permalink] [raw]
Subject: Re: [PATCH 1/2] ext4: Fixes len calculation in mpage_journal_page_buffers


On Thu, 29 Feb 2024 11:40:13 +0530, Ritesh Harjani (IBM) wrote:
> Truncate operation can race with writeback, in which inode->i_size can get
> truncated and therefore size - folio_pos() can be negative. This fixes the
> len calculation. However this path doesn't get easily triggered even
> with data journaling.
>
>

Applied, thanks!

[1/2] ext4: Fixes len calculation in mpage_journal_page_buffers
commit: c2a09f3d782de952f09a3962d03b939e7fa7ffa4
[2/2] ext4: Remove PAGE_MASK dependency on mpage_submit_folio
commit: 53c17fe55a06cbb405b94d96759611d725d2c47a

Best regards,
--
Theodore Ts'o <[email protected]>