lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sun, 29 Jul 2018 14:02:59 +0800 From: Chao Yu <chao@...nel.org> To: Jaegeuk Kim <jaegeuk@...nel.org>, Chao Yu <yuchao0@...wei.com> Cc: linux-f2fs-devel@...ts.sourceforge.net, linux-kernel@...r.kernel.org Subject: Re: [PATCH 3/4] f2fs: fix avoid race between truncate and background GC On 2018/7/29 9:58, Jaegeuk Kim wrote: > On 07/27, Chao Yu wrote: >> Thread A Background GC >> - f2fs_setattr isize to 0 >> - truncate_setsize >> - gc_data_segment >> - f2fs_get_read_data_page page #0 >> - set_page_dirty >> - set_cold_data >> - f2fs_truncate >> >> - f2fs_setattr isize to 4k >> - read 4k <--- hit data in cached page #0 >> >> Above race condition can cause read out invalid data in a truncated >> page, fix it by i_gc_rwsem[WRITE] lock. > > We can truncate pages again after f2fs_truncate()? I think it can fix this issue, although it looks a little strange to truncate page cache twice. Thanks, > >> >> Signed-off-by: Chao Yu <yuchao0@...wei.com> >> --- >> fs/f2fs/data.c | 4 ++++ >> fs/f2fs/file.c | 33 +++++++++++++++++++-------------- >> 2 files changed, 23 insertions(+), 14 deletions(-) >> >> diff --git a/fs/f2fs/data.c b/fs/f2fs/data.c >> index 071224ded5f4..a29f3162b887 100644 >> --- a/fs/f2fs/data.c >> +++ b/fs/f2fs/data.c >> @@ -2214,10 +2214,14 @@ static void f2fs_write_failed(struct address_space *mapping, loff_t to) >> loff_t i_size = i_size_read(inode); >> >> if (to > i_size) { >> + down_write(&F2FS_I(inode)->i_gc_rwsem[WRITE]); >> down_write(&F2FS_I(inode)->i_mmap_sem); >> + >> truncate_pagecache(inode, i_size); >> f2fs_truncate_blocks(inode, i_size, true); >> + >> up_write(&F2FS_I(inode)->i_mmap_sem); >> + up_write(&F2FS_I(inode)->i_gc_rwsem[WRITE]); >> } >> } >> >> diff --git a/fs/f2fs/file.c b/fs/f2fs/file.c >> index 7bd2412a8c37..ed5c9b0e0d0c 100644 >> --- a/fs/f2fs/file.c >> +++ b/fs/f2fs/file.c >> @@ -796,22 +796,25 @@ int f2fs_setattr(struct dentry *dentry, struct iattr *attr) >> } >> >> if (attr->ia_valid & ATTR_SIZE) { >> - if (attr->ia_size <= i_size_read(inode)) { >> - down_write(&F2FS_I(inode)->i_mmap_sem); >> - truncate_setsize(inode, attr->ia_size); >> + bool to_smaller = (attr->ia_size <= i_size_read(inode)); >> + >> + down_write(&F2FS_I(inode)->i_gc_rwsem[WRITE]); >> + down_write(&F2FS_I(inode)->i_mmap_sem); >> + >> + truncate_setsize(inode, attr->ia_size); >> + >> + if (to_smaller) >> err = f2fs_truncate(inode); >> - up_write(&F2FS_I(inode)->i_mmap_sem); >> - if (err) >> - return err; >> - } else { >> - /* >> - * do not trim all blocks after i_size if target size is >> - * larger than i_size. >> - */ >> - down_write(&F2FS_I(inode)->i_mmap_sem); >> - truncate_setsize(inode, attr->ia_size); >> - up_write(&F2FS_I(inode)->i_mmap_sem); >> + /* >> + * do not trim all blocks after i_size if target size is >> + * larger than i_size. >> + */ >> + up_write(&F2FS_I(inode)->i_mmap_sem); >> + up_write(&F2FS_I(inode)->i_gc_rwsem[WRITE]); >> + if (err) >> + return err; >> >> + if (!to_smaller) { >> /* should convert inline inode here */ >> if (!f2fs_may_inline_data(inode)) { >> err = f2fs_convert_inline_inode(inode); >> @@ -958,6 +961,7 @@ static int punch_hole(struct inode *inode, loff_t offset, loff_t len) >> >> blk_start = (loff_t)pg_start << PAGE_SHIFT; >> blk_end = (loff_t)pg_end << PAGE_SHIFT; >> + down_write(&F2FS_I(inode)->i_gc_rwsem[WRITE]); >> down_write(&F2FS_I(inode)->i_mmap_sem); >> truncate_inode_pages_range(mapping, blk_start, >> blk_end - 1); >> @@ -966,6 +970,7 @@ static int punch_hole(struct inode *inode, loff_t offset, loff_t len) >> ret = f2fs_truncate_hole(inode, pg_start, pg_end); >> f2fs_unlock_op(sbi); >> up_write(&F2FS_I(inode)->i_mmap_sem); >> + up_write(&F2FS_I(inode)->i_gc_rwsem[WRITE]); >> } >> } >> >> -- >> 2.18.0.rc1
Powered by blists - more mailing lists