lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20230327093553.up7dhoyqe4ecpn7y@quack3>
Date:   Mon, 27 Mar 2023 11:35:53 +0200
From:   Jan Kara <jack@...e.cz>
To:     Baokun Li <libaokun1@...wei.com>
Cc:     Jan Kara <jack@...e.cz>, linux-ext4@...r.kernel.org, tytso@....edu,
        adilger.kernel@...ger.ca, ritesh.list@...il.com,
        linux-kernel@...r.kernel.org, yi.zhang@...wei.com,
        yangerkun@...wei.com, yukuai3@...wei.com, stable@...r.kernel.org
Subject: Re: [PATCH 3/3] ext4: fix race between writepages and remount

On Thu 23-03-23 22:18:53, Baokun Li wrote:
> On 2023/3/23 19:44, Jan Kara wrote:
> > > ---
> > >   fs/ext4/ext4.h      |  3 ++-
> > >   fs/ext4/ext4_jbd2.h |  9 +++++----
> > >   fs/ext4/super.c     | 14 ++++++++++++++
> > >   3 files changed, 21 insertions(+), 5 deletions(-)
> > > 
> > > diff --git a/fs/ext4/ext4.h b/fs/ext4/ext4.h
> > > index 08b29c289da4..f60967fa648f 100644
> > > --- a/fs/ext4/ext4.h
> > > +++ b/fs/ext4/ext4.h
> > > @@ -1703,7 +1703,8 @@ struct ext4_sb_info {
> > >   	/*
> > >   	 * Barrier between writepages ops and changing any inode's JOURNAL_DATA
> > > -	 * or EXTENTS flag.
> > > +	 * or EXTENTS flag or between changing SHOULD_DIOREAD_NOLOCK flag on
> > > +	 * remount and writepages ops.
> > >   	 */
> > >   	struct percpu_rw_semaphore s_writepages_rwsem;
> > >   	struct dax_device *s_daxdev;
> > > diff --git a/fs/ext4/ext4_jbd2.h b/fs/ext4/ext4_jbd2.h
> > > index 0c77697d5e90..d82bfcdd56e5 100644
> > > --- a/fs/ext4/ext4_jbd2.h
> > > +++ b/fs/ext4/ext4_jbd2.h
> > > @@ -488,6 +488,9 @@ static inline int ext4_free_data_revoke_credits(struct inode *inode, int blocks)
> > >   	return blocks + 2*(EXT4_SB(inode->i_sb)->s_cluster_ratio - 1);
> > >   }
> > > +/* delalloc is a temporary fix to prevent generic/422 test failures*/
> > > +#define EXT4_MOUNT_SHOULD_DIOREAD_NOLOCK (EXT4_MOUNT_DIOREAD_NOLOCK | \
> > > +					  EXT4_MOUNT_DELALLOC)
> > >   /*
> > >    * This function controls whether or not we should try to go down the
> > >    * dioread_nolock code paths, which makes it safe to avoid taking
> > > @@ -499,7 +502,8 @@ static inline int ext4_free_data_revoke_credits(struct inode *inode, int blocks)
> > >    */
> > >   static inline int ext4_should_dioread_nolock(struct inode *inode)
> > >   {
> > > -	if (!test_opt(inode->i_sb, DIOREAD_NOLOCK))
> > > +	if (test_opt(inode->i_sb, SHOULD_DIOREAD_NOLOCK) !=
> > > +	    EXT4_MOUNT_SHOULD_DIOREAD_NOLOCK)
> > >   		return 0;
> > >   	if (!S_ISREG(inode->i_mode))
> > >   		return 0;
> > > @@ -507,9 +511,6 @@ static inline int ext4_should_dioread_nolock(struct inode *inode)
> > >   		return 0;
> > >   	if (ext4_should_journal_data(inode))
> > >   		return 0;
> > > -	/* temporary fix to prevent generic/422 test failures */
> > > -	if (!test_opt(inode->i_sb, DELALLOC))
> > > -		return 0;
> > >   	return 1;
> > >   }
> > Is there a need for this SHOULD_DIOREAD_NOLOCK? When called from writeback
> > we will be protected by s_writepages_rwsem anyway. When called from other
> > places, we either decide to do dioread_nolock or don't but the situation
> > can change at any instant so I don't see how unifying this check would
> > help. And the new SHOULD_DIOREAD_NOLOCK somewhat obfuscates what's going
> > on.
> We're thinking that the mount-related flags in
> ext4_should_dioread_nolock() might be modified, such as DELALLOC being
> removed because generic/422 test failures were fixed in some other way,
> resulting in some unnecessary locking during remount, or for whatever
> reason a mount-related flag was added to ext4_should_dioread_nolock(),
> and we didn't make a synchronization change in __ext4_remount() that
> would cause the problem to recur.  So we added this flag to this function
> (instead of in ext4.h), so that when we change the mount option in
> ext4_should_dioread_nolock(), we directly change this flag, and we don't
> have to consider making synchronization changes in __ext4_remount().
> 
> We have checked where this function is called and there are two types of
> calls to this function:
> 1. One category is ext4_do_writepages() and mpage_map_one_extent(), which
> are protected by s_writepages_rwsem, the location of the problem;
> 2. The other type is in ext4_page_mkwrite(),
> ext4_convert_inline_data_to_extent(), ext4_write_begin() to determine
> whether to get the block using ext4_get_block_unwritten() or
> ext4_get_block().
>
>     1) If we just started fetching written blocks, it looks like there is no
> problem;
>     2) If we start getting unwritten blocks, when DIOREAD_NOLOCK is cleared
> by remount,
>         we will convert the blocks to written in ext4_map_blocks(). The
> data=ordered mode ensures that we don't see stale data.

Yes. So do you agree that EXT4_MOUNT_SHOULD_DIOREAD_NOLOCK is not really
needed?

								Honza
-- 
Jan Kara <jack@...e.com>
SUSE Labs, CR

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ