lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 24 May 2022 11:39:33 +0200
From:   Jan Kara <jack@...e.cz>
To:     Ritesh Harjani <ritesh.list@...il.com>
Cc:     Jan Kara <jack@...e.cz>, Baokun Li <libaokun1@...wei.com>,
        linux-ext4@...r.kernel.org, tytso@....edu,
        adilger.kernel@...ger.ca, linux-kernel@...r.kernel.org,
        yi.zhang@...wei.com, yebin10@...wei.com, yukuai3@...wei.com
Subject: Re: [PATCH 2/2] ext4: correct the judgment of BUG in
 ext4_mb_normalize_request

On Tue 24-05-22 11:56:55, Ritesh Harjani wrote:
> On 22/05/23 11:08PM, Jan Kara wrote:
> > On Tue 24-05-22 01:38:44, Ritesh Harjani wrote:
> > > On 22/05/21 09:42PM, Baokun Li wrote:
> > > > When either of the "start + size <= ac->ac_o_ex.fe_logical" or
> > > > "start > ac->ac_o_ex.fe_logical" conditions is met, it indicates
> > > > that the fe_logical is not in the allocated range.
> > >
> > > Sounds about right to me based on the logic in ext4_mb_use_inode_pa().
> > > We try to allocate/preallocate such that ac->ac_o_ex.fe_logical should fall
> > > within the preallocated range. So if our start or start + size doesn't include
> > > fe_logical then it is a bug in the ext4_mb_normalize_request() logic.
> >
> > I agree ac->ac_o_ex.fe_logical is a goal block. But AFAIK it never was a
> > hard guarantee that we would allocate extent that includes that block. It
> 
> Agree that the guarantee is not about the extent which finally gets allocated.
> It is only within ext4_mb_normalize_request() that the "start" and "size"
> variable calculations is done in such a way that the ac->ac_o_ex.fe_logical
> block will always fall within the "start" & "end" boundaries after
> normalization.
> 
> That is how it also updates the goal block at the end too. ac->ac_g_ex.
> 
> > was always treated as a hint only. In particular if you look at the logic
> > in ext4_mb_normalize_request() it does shift the start of the allocation to
> > avoid preallocated ranges etc.
> 
> Yes, I checked the logic of ext4_mb_normalize_request() again.
> As I see it (I can be wrong, so please correct me), there is always an attempt
> to make "start" & "start + size" such that it covers ac->ac_o_ex.fe_logical
> except just one change where we are trimming the size of the request to only
> EXT4_BLOCKS_PER_GROUP.
> 
> For e.g. when it compares against preallocated ranges. It has a BUG() which
> checks if the ac->ac_o_ex.fe_logical already lies in the preallocated range.
> Because then we should never have come here to do allocation of a new block.
> 
> 4143                 /* PA must not overlap original request */
> 4144                 BUG_ON(!(ac->ac_o_ex.fe_logical >= pa_end ||
> 4145                         ac->ac_o_ex.fe_logical < pa->pa_lstart));
> <...>
> 4152                 BUG_ON(pa->pa_lstart <= start && pa_end >= end);
> 
> Then after skipping the preallocated regions which doesn't fall in between
> "start" and "end"...
> 
> 4147                 /* skip PAs this normalized request doesn't overlap with */
> 4148                 if (pa->pa_lstart >= end || pa_end <= start) {
> 4149                         spin_unlock(&pa->pa_lock);
> 4150                         continue;
> 4151                 }
> 
> ...it adjusts "start" and "end" boundary according to allocated PAs boundaries
> such that fe_logical is always in between "start" and "end".
> 
> 4154                 /* adjust start or end to be adjacent to this pa */
> 4155                 if (pa_end <= ac->ac_o_ex.fe_logical) {
> 4156                         BUG_ON(pa_end < start);
> 4157                         start = pa_end;
> 4158                 } else if (pa->pa_lstart > ac->ac_o_ex.fe_logical) {
> 4159                         BUG_ON(pa->pa_lstart > end);
> 4160                         end = pa->pa_lstart;
> 4161                 }
> 
> 
> 
> > so I don't see how we are guaranteed that
> > ext4_mb_normalize_request() will result in an allocation request that
> > includes ac->ac_o_ex.fe_logical.
> 
> It could be I am wrong, but looks like ext4_mb_normalize_request() keeps
> ac->ac_o_ex.fe_logical within "start" and "end" of allocation request.
> And then updates the goal block.
> 
> 4196         ac->ac_g_ex.fe_logical = start;
> 4197         ac->ac_g_ex.fe_len = EXT4_NUM_B2C(sbi, size);
> 
> Thoughts?

Right, after some more inspection the only thing I'm concerned about is:

        /* don't cover already allocated blocks in selected range */
        if (ar->pleft && start <= ar->lleft) {
                size -= ar->lleft + 1 - start;
                start = ar->lleft + 1;
        }

which can shift start beyond ac->ac_o_ex.fe_logical if the block would be
already allocated. But I guess in that case we should not be calling
ext4_mb_normalize_request()? ... some more code digging .. Yes, that is
guaranteed in how lleft is initialized in ext4_ext_map_blocks(). So OK, I
withdraw my objection to the stronger check but the changelog really needs
to do a better job to explain why the stronger condition should be true.

								Honza
-- 
Jan Kara <jack@...e.com>
SUSE Labs, CR

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ