mirror of
https://github.com/torvalds/linux.git
synced 2024-10-22 21:20:52 +00:00
4390f019ad
fallocate unshare mode explicitly breaks extent sharing. When a
command completes, it checks the data fork for any remaining shared
extents to determine whether the reflink inode flag and COW fork
preallocation can be removed. This logic doesn't consider in-core
pagecache and I/O state, however, which means we can unsafely remove
COW fork blocks that are still needed under certain conditions.
For example, consider the following command sequence:
xfs_io -fc "pwrite 0 1k" -c "reflink <file> 0 256k 1k" \
-c "pwrite 0 32k" -c "funshare 0 1k" <file>
This allocates a data block at offset 0, shares it, and then
overwrites it with a larger buffered write. The overwrite triggers
COW fork preallocation, 32 blocks by default, which maps the entire
32k write to delalloc in the COW fork. All but the shared block at
offset 0 remains hole mapped in the data fork. The unshare command
redirties and flushes the folio at offset 0, removing the only
shared extent from the inode. Since the inode no longer maps shared
extents, unshare purges the COW fork before the remaining 28k may
have written back.
This leaves dirty pagecache backed by holes, which writeback quietly
skips, thus leaving clean, non-zeroed pagecache over holes in the
file. To verify, fiemap shows holes in the first 32k of the file and
reads return different data across a remount:
$ xfs_io -c "fiemap -v" <file>
<file>:
EXT: FILE-OFFSET BLOCK-RANGE TOTAL FLAGS
...
1: [8..511]: hole 504
...
$ xfs_io -c "pread -v 4k 8" <file>
00001000: cd cd cd cd cd cd cd cd ........
$ umount <mnt>; mount <dev> <mnt>
$ xfs_io -c "pread -v 4k 8" <file>
00001000: 00 00 00 00 00 00 00 00 ........
To avoid this problem, make unshare follow the same rules used for
background cowblock scanning and never purge the COW fork for inodes
with dirty pagecache or in-flight I/O.
Fixes: 46afb0628b ("xfs: only flush the unshared range in xfs_reflink_unshare")
Signed-off-by: Brian Foster <bfoster@redhat.com>
Reviewed-by: Darrick J. Wong <djwong@kernel.org>
Signed-off-by: Carlos Maiolino <cem@kernel.org>
66 lines
2.6 KiB
C
66 lines
2.6 KiB
C
// SPDX-License-Identifier: GPL-2.0+
|
|
/*
|
|
* Copyright (C) 2016 Oracle. All Rights Reserved.
|
|
* Author: Darrick J. Wong <darrick.wong@oracle.com>
|
|
*/
|
|
#ifndef __XFS_REFLINK_H
|
|
#define __XFS_REFLINK_H 1
|
|
|
|
/*
|
|
* Check whether it is safe to free COW fork blocks from an inode. It is unsafe
|
|
* to do so when an inode has dirty cache or I/O in-flight, even if no shared
|
|
* extents exist in the data fork, because outstanding I/O may target blocks
|
|
* that were speculatively allocated to the COW fork.
|
|
*/
|
|
static inline bool
|
|
xfs_can_free_cowblocks(struct xfs_inode *ip)
|
|
{
|
|
struct inode *inode = VFS_I(ip);
|
|
|
|
if ((inode->i_state & I_DIRTY_PAGES) ||
|
|
mapping_tagged(inode->i_mapping, PAGECACHE_TAG_DIRTY) ||
|
|
mapping_tagged(inode->i_mapping, PAGECACHE_TAG_WRITEBACK) ||
|
|
atomic_read(&inode->i_dio_count))
|
|
return false;
|
|
return true;
|
|
}
|
|
|
|
extern int xfs_reflink_trim_around_shared(struct xfs_inode *ip,
|
|
struct xfs_bmbt_irec *irec, bool *shared);
|
|
int xfs_bmap_trim_cow(struct xfs_inode *ip, struct xfs_bmbt_irec *imap,
|
|
bool *shared);
|
|
|
|
int xfs_reflink_allocate_cow(struct xfs_inode *ip, struct xfs_bmbt_irec *imap,
|
|
struct xfs_bmbt_irec *cmap, bool *shared, uint *lockmode,
|
|
bool convert_now);
|
|
extern int xfs_reflink_convert_cow(struct xfs_inode *ip, xfs_off_t offset,
|
|
xfs_off_t count);
|
|
|
|
extern int xfs_reflink_cancel_cow_blocks(struct xfs_inode *ip,
|
|
struct xfs_trans **tpp, xfs_fileoff_t offset_fsb,
|
|
xfs_fileoff_t end_fsb, bool cancel_real);
|
|
extern int xfs_reflink_cancel_cow_range(struct xfs_inode *ip, xfs_off_t offset,
|
|
xfs_off_t count, bool cancel_real);
|
|
extern int xfs_reflink_end_cow(struct xfs_inode *ip, xfs_off_t offset,
|
|
xfs_off_t count);
|
|
extern int xfs_reflink_recover_cow(struct xfs_mount *mp);
|
|
extern loff_t xfs_reflink_remap_range(struct file *file_in, loff_t pos_in,
|
|
struct file *file_out, loff_t pos_out, loff_t len,
|
|
unsigned int remap_flags);
|
|
extern int xfs_reflink_inode_has_shared_extents(struct xfs_trans *tp,
|
|
struct xfs_inode *ip, bool *has_shared);
|
|
extern int xfs_reflink_clear_inode_flag(struct xfs_inode *ip,
|
|
struct xfs_trans **tpp);
|
|
extern int xfs_reflink_unshare(struct xfs_inode *ip, xfs_off_t offset,
|
|
xfs_off_t len);
|
|
extern int xfs_reflink_remap_prep(struct file *file_in, loff_t pos_in,
|
|
struct file *file_out, loff_t pos_out, loff_t *len,
|
|
unsigned int remap_flags);
|
|
extern int xfs_reflink_remap_blocks(struct xfs_inode *src, loff_t pos_in,
|
|
struct xfs_inode *dest, loff_t pos_out, loff_t remap_len,
|
|
loff_t *remapped);
|
|
extern int xfs_reflink_update_dest(struct xfs_inode *dest, xfs_off_t newlen,
|
|
xfs_extlen_t cowextsize, unsigned int remap_flags);
|
|
|
|
#endif /* __XFS_REFLINK_H */
|