linux

mirror of https://github.com/torvalds/linux.git synced 2024-12-02 00:51:44 +00:00

History

Jan Kara 65f8b80053 ext4: fix race when reusing xattr blocks When ext4_xattr_block_set() decides to remove xattr block the following race can happen: CPU1 CPU2 ext4_xattr_block_set() ext4_xattr_release_block() new_bh = ext4_xattr_block_cache_find() lock_buffer(bh); ref = le32_to_cpu(BHDR(bh)->h_refcount); if (ref == 1) { ... mb_cache_entry_delete(); unlock_buffer(bh); ext4_free_blocks(); ... ext4_forget(..., bh, ...); jbd2_journal_revoke(..., bh); ext4_journal_get_write_access(..., new_bh, ...) do_get_write_access() jbd2_journal_cancel_revoke(..., new_bh); Later the code in ext4_xattr_block_set() finds out the block got freed and cancels reusal of the block but the revoke stays canceled and so in case of block reuse and journal replay the filesystem can get corrupted. If the race works out slightly differently, we can also hit assertions in the jbd2 code. Fix the problem by making sure that once matching mbcache entry is found, code dropping the last xattr block reference (or trying to modify xattr block in place) waits until the mbcache entry reference is dropped. This way code trying to reuse xattr block is protected from someone trying to drop the last reference to xattr block. Reported-and-tested-by: Ritesh Harjani <ritesh.list@gmail.com> CC: stable@vger.kernel.org Fixes: `82939d7999` ("ext4: convert to mbcache2") Signed-off-by: Jan Kara <jack@suse.cz> Link: https://lore.kernel.org/r/20220712105436.32204-5-jack@suse.cz Signed-off-by: Theodore Ts'o <tytso@mit.edu>		2022-08-02 23:56:25 -04:00
..
.kunitconfig	ext4: add .kunitconfig fragment to enable ext4-specific tests	2021-02-11 23:16:30 -05:00
acl.c	fs/ext4: fix comments mentioning i_mutex	2022-02-03 10:57:53 -05:00
acl.h	vfs: add rcu argument to ->get_acl() callback	2021-08-18 22:08:24 +02:00
balloc.c	ext4: use ext4_debug() instead of jbd_debug()	2022-08-02 23:52:19 -04:00
bitmap.c
block_validity.c	ext4: add ext4_sb_block_valid() refactored out of ext4_inode_block_valid()	2022-02-25 21:34:56 -05:00
crypto.c	ext4: refactor and move ext4_ioctl_get_encryption_pwsalt()	2022-05-21 22:24:24 -04:00
dir.c	ext4: fix spelling errors in comments	2022-05-11 15:19:06 -04:00
ext4_extents.h	ext4: fix sparse warnings	2021-08-30 23:36:50 -04:00
ext4_jbd2.c	ext4: use ext4_debug() instead of jbd_debug()	2022-08-02 23:52:19 -04:00
ext4_jbd2.h	fs/ext4: fix comments mentioning i_mutex	2022-02-03 10:57:53 -05:00
ext4.h	ext4: update the s_overhead_clusters in the backup sb's when resizing	2022-08-02 23:52:19 -04:00
extents_status.c	ext4: correct the cache_nr in tracepoint ext4_es_shrink_exit	2021-06-22 21:34:17 -04:00
extents_status.h	ext4: fix extent_status trace points	2020-01-25 02:03:03 -05:00
extents.c	ext4: fix bug_on in __es_tree_search	2022-05-24 15:34:17 -04:00
fast_commit.c	ext4: use ext4_debug() instead of jbd_debug()	2022-08-02 23:52:19 -04:00
fast_commit.h	flexible-array transformations for 5.18-rc1	2022-03-24 11:39:32 -07:00
file.c	iomap: add per-iomap_iter private data	2022-05-16 17:17:32 +02:00
fsmap.c	treewide: Change list_sort to use const pointers	2021-04-08 16:04:22 -07:00
fsmap.h	ext4: fsmap: fix the block/inode bitmap comment	2021-06-24 09:48:29 -04:00
fsync.c	block: use an on-stack bio in blkdev_issue_flush	2021-01-27 09:51:48 -07:00
hash.c	unicode: clean up the Kconfig symbol confusion	2022-01-20 19:57:24 -05:00
ialloc.c	ext4: Support for checksumming from journal triggers	2021-08-30 23:36:50 -04:00
indirect.c	ext4: use ext4_debug() instead of jbd_debug()	2022-08-02 23:52:19 -04:00
inline.c	ext4: correct max_inline_xattr_value_size computing	2022-08-02 23:52:44 -04:00
inode-test.c	fs: ext4: Modify inode-test.c to use KUnit parameterized testing feature	2020-12-02 16:07:25 -07:00
inode.c	ext4: remove EA inode entry from mbcache on inode eviction	2022-08-02 23:56:25 -04:00
ioctl.c	ext4: update the s_overhead_clusters in the backup sb's when resizing	2022-08-02 23:52:19 -04:00
Kconfig	ext: EXT4_KUNIT_TESTS should depend on EXT4_FS instead of selecting it	2021-02-11 23:12:59 -05:00
Makefile	ext4: move ext4 crypto code to its own file crypto.c	2022-05-21 22:24:24 -04:00
mballoc.c	ext4: reuse order and buddy in mb_mark_used when buddy split	2022-08-02 23:52:19 -04:00
mballoc.h	ext4: fix various seppling typos	2021-04-09 23:14:59 -04:00
migrate.c	ext4: recover csum seed of tmp_inode after migrating to extents	2022-08-02 23:56:02 -04:00
mmp.c	ext4: remove unnecessary type castings	2022-05-11 15:19:06 -04:00
move_extent.c	ext4: Convert ext4 to read_folio	2022-05-09 16:21:45 -04:00
namei.c	ext4: make sure ext4_append() always allocates new block	2022-08-02 23:56:17 -04:00
orphan.c	ext4: use ext4_debug() instead of jbd_debug()	2022-08-02 23:52:19 -04:00
page-io.c	ext4: fix incorrect comment in ext4_bio_write_page()	2022-06-16 11:03:16 -04:00
readpage.c	fs: Convert block_read_full_page() to block_read_full_folio()	2022-05-09 16:21:44 -04:00
resize.c	ext4: update the s_overhead_clusters in the backup sb's when resizing	2022-08-02 23:52:19 -04:00
super.c	ext4: reflect mb_optimize_scan value in options file	2022-08-02 23:56:17 -04:00
symlink.c	ext4: fix reading leftover inlined symlinks	2022-08-02 23:37:50 -04:00
sysfs.c	unicode: clean up the Kconfig symbol confusion	2022-01-20 19:57:24 -05:00
truncate.h	ext4: Convert to use mapping->invalidate_lock	2021-07-13 14:29:00 +02:00
verity.c	ext4: Call aops write_begin() and write_end() directly	2022-05-08 14:45:56 -04:00
xattr_hurd.c	acl: handle idmapped mounts	2021-01-24 14:27:17 +01:00
xattr_security.c	acl: handle idmapped mounts	2021-01-24 14:27:17 +01:00
xattr_trusted.c	acl: handle idmapped mounts	2021-01-24 14:27:17 +01:00
xattr_user.c	acl: handle idmapped mounts	2021-01-24 14:27:17 +01:00
xattr.c	ext4: fix race when reusing xattr blocks	2022-08-02 23:56:25 -04:00
xattr.h	ext4: remove EA inode entry from mbcache on inode eviction	2022-08-02 23:56:25 -04:00