lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-id: <001f01cf65fa$aec13240$0c4396c0$@samsung.com> Date: Fri, 02 May 2014 20:35:56 +0900 From: Namjae Jeon <namjae.jeon@...sung.com> To: 'Jan Kara' <jack@...e.cz> Cc: 'Theodore Ts'o' <tytso@....edu>, 'linux-ext4' <linux-ext4@...r.kernel.org>, 'Ashish Sangwan' <a.sangwan@...sung.com> Subject: RE: [PATCH] ext4: fix data integrity sync in ordered mode > > Hello, > > On Wed 30-04-14 19:02:14, Namjae Jeon wrote: > > When we perform a data integrity sync we tag all the dirty pages with > > PAGECACHE_TAG_TOWRITE at start of ext4_da_writepages. > > Later we check for this tag in write_cache_pages_da and creates a > > struct mpage_da_data containing contiguously indexed pages tagged with this > > tag and sync these pages with a call to mpage_da_map_and_submit. > > This process is done in while loop until all the PAGECACHE_TAG_TOWRITE pages > > are synced. We also do journal start and stop in each iteration. > > journal_stop could initiate journal commit which would call ext4_writepage > > which in turn will call ext4_bio_write_page even for delayed OR unwritten > > buffers. When ext4_bio_write_page is called for such buffers, even though it > > does not sync them but it clears the PAGECACHE_TAG_TOWRITE of the corresponding > > page and hence these pages are also not synced by the currently running data > > integrity sync. We will end up with dirty pages although sync is completed. > > > > This could cause a potential data loss when the sync call is followed by a > > truncate_pagecache call, which is exactly the case in collapse_range. > > (It will cause generic/127 failure in xfstests) > This is well spotted. Thanks for finding this bug. See my comment below > regarding the fix. > > > Cc: stable@...r.kernel.org > > Cc: Jan kara <jack@...e.de> > > Signed-off-by: Namjae Jeon <namjae.jeon@...sung.com> > > Signed-off-by: Ashish Sangwan <a.sangwan@...sung.com> > > --- > > fs/ext4/inode.c | 11 +++++++++-- > > 1 file changed, 9 insertions(+), 2 deletions(-) > > > > diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c > > index b1dc334..bd85712 100644 > > --- a/fs/ext4/inode.c > > +++ b/fs/ext4/inode.c > > @@ -1865,12 +1865,19 @@ static int ext4_writepage(struct page *page, > > if (ext4_walk_page_buffers(NULL, page_bufs, 0, len, NULL, > > ext4_bh_delay_or_unwritten)) { > > redirty_page_for_writepage(wbc, page); > > - if (current->flags & PF_MEMALLOC) { > > + if ((current->flags & PF_MEMALLOC) || > > + radix_tree_tag_get(&page->mapping->page_tree, > > + page->index, PAGECACHE_TAG_TOWRITE)) { > I don't think your fix is correct. journal_submit_inode_data_buffers() > uses WB_SYNC_ALL mode to write the pages and thus all the pages you'll see > in ext4_writepage() are going to have TOWRITE tag set. And even if that > wasn't the case you'll have problems when blocksize < pagesize. Because in > data=ordered mode we want to writeout allocated (mapped) blocks in the page > to avoid exposure of uninitialized data after a crash (e.g. in case we have > allocated some blocks in the current transaction but not yet finished > writing them out and there are other blocks underlying the page which > aren't allocated yet). Fixing this isn't easy I'm afraid. > > What we could do is to create a variant of set_page_writeback() which > doesn't clear TOWRITE tag and use that in ext4_bio_write_page() if we are > writing out just some buffers in a page and leaving other dirty buffers > behind. It would have a down side that we would be leaving TOWRITE tagged > pages behind in case when we actually don't race with other writeback but > I don't see that causing any real problems. Hi Jan. Thanks for your reply. I agree about your opinion. But set_page_writeback is used on many place. So I think it is expected to change too much if set_page_writeback is modified. How about change like this ? diff --git a/fs/ext4/page-io.c b/fs/ext4/page-io.c index 4acf1f7..680f12f 100644 --- a/fs/ext4/page-io.c +++ b/fs/ext4/page-io.c @@ -373,14 +373,14 @@ int ext4_bio_write_page(struct ext4_io_submit *io, unsigned block_start, blocksize; struct buffer_head *bh, *head; int ret = 0; - int nr_submitted = 0; + int nr_submitted = 0, dirty_buffers =0, unmapped_dirty_buffers = 0; + bool needs_tag_towrite = 0; blocksize = 1 << inode->i_blkbits; BUG_ON(!PageLocked(page)); BUG_ON(PageWriteback(page)); - set_page_writeback(page); ClearPageError(page); /* @@ -418,6 +418,8 @@ int ext4_bio_write_page(struct ext4_io_submit *io, clear_buffer_dirty(bh); if (io->io_bio) ext4_io_submit(io); + if ((buffer_delay(bh) || buffer_unwritten(bh)) && buffer_dirty(bh)) + unmapped_dirty_buffers++; continue; } if (buffer_new(bh)) { @@ -425,8 +427,21 @@ int ext4_bio_write_page(struct ext4_io_submit *io, unmap_underlying_metadata(bh->b_bdev, bh->b_blocknr); } set_buffer_async_write(bh); + dirty_buffers++; } while ((bh = bh->b_this_page) != head); + if (!dirty_buffers) { + unlock_page(page); + return ret; + } + + if (unmapped_dirty_buffers && + radix_tree_tag_get(&page->mapping->page_tree, page->index, + PAGECACHE_TAG_TOWRITE)) + needs_tag_towrite = 1; + + set_page_writeback(page); + /* Now submit buffers to write */ bh = head = page_buffers(page); do { @@ -457,5 +472,10 @@ int ext4_bio_write_page(struct ext4_io_submit *io, /* Nothing submitted - we have to end page writeback */ if (!nr_submitted) end_page_writeback(page); + + if (needs_tag_towrite) + tag_pages_for_writeback(page->mapping, page->index, + page->index); + return ret; } Thanks! > > Honza > -- > Jan Kara <jack@...e.cz> > SUSE Labs, CR -- To unsubscribe from this list: send the line "unsubscribe linux-ext4" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists