Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-11-23 04:31:50 +00:00
Code Issues Packages Projects Releases Wiki Activity
f35c5e10c6
linux/fs/xfs
History
Brian Foster f35c5e10c6 xfs: reinit btree pointer on attr tree inactivation walk 
xfs_attr3_root_inactive() walks the attr fork tree to invalidate the
associated blocks. xfs_attr3_node_inactive() recursively descends
from internal blocks to leaf blocks, caching block address values
along the way to revisit parent blocks, locate the next entry and
descend down that branch of the tree.

The code that attempts to reread the parent block is unsafe because
it assumes that the local xfs_da_node_entry pointer remains valid
after an xfs_trans_brelse() and re-read of the parent buffer. Under
heavy memory pressure, it is possible that the buffer has been
reclaimed and reallocated by the time the parent block is reread.
This means that 'btree' can point to an invalid memory address, lead
to a random/garbage value for child_fsb and cause the subsequent
read of the attr fork to go off the rails and return a NULL buffer
for an attr fork offset that is most likely not allocated.

Note that this problem can be manufactured by setting
XFS_ATTR_BTREE_REF to 0 to prevent LRU caching of attr buffers,
creating a file with a multi-level attr fork and removing it to
trigger inactivation.

To address this problem, reinit the node/btree pointers to the
parent buffer after it has been re-read. This ensures btree points
to a valid record and allows the walk to proceed.

Signed-off-by: Brian Foster <bfoster@redhat.com>
Reviewed-by: Darrick J. Wong <darrick.wong@oracle.com>
Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
2017-10-11 10:21:07 -07:00
..
libxfs xfs: Fix bool initialization/comparison 2017-10-11 10:21:06 -07:00
Kconfig xfs: define fatal assert build time tunable 2017-06-19 08:59:10 -07:00
kmem.c mm, vmalloc: use __GFP_HIGHMEM implicitly 2017-05-08 17:15:13 -07:00
kmem.h xfs: map KM_MAYFAIL to __GFP_RETRY_MAYFAIL 2017-07-12 16:26:03 -07:00
Makefile xfs: use the common helper uuid_is_null() 2017-06-05 16:59:08 +02:00
mrlock.h
xfs_acl.c xfs: don't change inode mode if ACL update fails 2017-10-11 10:21:06 -07:00
xfs_acl.h xfs: Don't clear SGID when inheriting ACLs 2017-06-27 18:23:21 -07:00
xfs_aops.c xfs: update i_size after unwritten conversion in dio completion 2017-09-26 10:55:19 -07:00
xfs_aops.h xfs: perform dax_device lookup at mount 2017-08-31 09:31:47 -07:00
xfs_attr_inactive.c xfs: reinit btree pointer on attr tree inactivation walk 2017-10-11 10:21:07 -07:00
xfs_attr_list.c xfs: assert locking precondіtion in xfs_attr_list_int_ilocked 2017-07-13 14:55:05 -07:00
xfs_attr.h xfs: pass along transaction context when reading xattr block buffers 2017-06-20 10:45:22 -07:00
xfs_bmap_item.c xfs: remove the ip argument to xfs_defer_finish 2017-09-01 10:55:30 -07:00
xfs_bmap_item.h xfs: log bmap intent items 2016-10-04 11:05:44 -07:00
xfs_bmap_util.c xfs: move more RT specific code under CONFIG_XFS_RT 2017-10-11 10:21:06 -07:00
xfs_bmap_util.h xfs: move more RT specific code under CONFIG_XFS_RT 2017-10-11 10:21:06 -07:00
xfs_buf_item.c xfs: fix compiler warnings 2017-09-02 08:22:19 -07:00
xfs_buf_item.h xfs: remove unnecessary dirty bli format check for ordered bufs 2017-09-01 10:55:30 -07:00
xfs_buf.c xfs: remove redundant re-initialization of total_nr_pages 2017-09-25 18:22:30 -07:00
xfs_buf.h xfs: perform dax_device lookup at mount 2017-08-31 09:31:47 -07:00
xfs_dir2_readdir.c xfs: pass along transaction context when reading directory block buffers 2017-06-20 10:45:22 -07:00
xfs_discard.c xfs: remove double-underscore integer types 2017-06-19 14:11:33 -07:00
xfs_discard.h xfs: don't block the log commit handler for discards 2017-02-09 11:36:40 -08:00
xfs_dquot_item.c
xfs_dquot_item.h
xfs_dquot.c xfs: remove the ip argument to xfs_defer_finish 2017-09-01 10:55:30 -07:00
xfs_dquot.h
xfs_error.c fs/xfs: Use %pS printk format for direct addresses 2017-09-25 18:22:30 -07:00
xfs_error.h xfs: add log item pinning error injection tag 2017-08-22 09:22:24 -07:00
xfs_export.c
xfs_export.h
xfs_extent_busy.c xfs: fix len comparison in xfs_extent_busy_trim 2017-02-16 17:20:12 -08:00
xfs_extent_busy.h xfs: improve handling of busy extents in the low-level allocator 2017-02-09 10:50:25 -08:00
xfs_extfree_item.c xfs: better log intent item refcount checking 2017-04-25 09:40:42 -07:00
xfs_extfree_item.h
xfs_file.c xfs: Fix bool initialization/comparison 2017-10-11 10:21:06 -07:00
xfs_filestream.c Merge branch 'xfs-4.9-log-recovery-fixes' into for-next 2016-10-03 09:56:28 +11:00
xfs_filestream.h
xfs_fsmap.c xfs: move more RT specific code under CONFIG_XFS_RT 2017-10-11 10:21:06 -07:00
xfs_fsmap.h xfs: implement the GETFSMAP ioctl 2017-04-03 15:18:17 -07:00
xfs_fsops.c xfs: remove double-underscore integer types 2017-06-19 14:11:33 -07:00
xfs_fsops.h xfs: remove double-underscore integer types 2017-06-19 14:11:33 -07:00
xfs_globals.c xfs: define fatal assert build time tunable 2017-06-19 08:59:10 -07:00
xfs_icache.c xfs: check for race with xfs_reclaim_inode() in xfs_ifree_cluster() 2017-09-01 10:55:30 -07:00
xfs_icache.h xfs: check if an inode is cached and allocated 2017-06-19 14:11:34 -07:00
xfs_icreate_item.c fs: xfs: xfs_icreate_item: constify xfs_item_ops structure 2016-11-28 14:57:42 +11:00
xfs_icreate_item.h
xfs_inode_item.c xfs: Don't log uninitialised fields in inode structures 2017-10-11 10:21:06 -07:00
xfs_inode_item.h
xfs_inode.c xfs: don't unconditionally clear the reflink flag on zero-block files 2017-09-25 18:22:30 -07:00
xfs_inode.h xfs: Switch to iomap for SEEK_HOLE / SEEK_DATA 2017-07-02 22:46:13 -07:00
xfs_ioctl32.c xfs: implement the GETFSMAP ioctl 2017-04-03 15:18:17 -07:00
xfs_ioctl32.h xfs: remove double-underscore integer types 2017-06-19 14:11:33 -07:00
xfs_ioctl.c xfs: validate bdev support for DAX inode flag 2017-09-26 10:55:19 -07:00
xfs_ioctl.h xfs: remove double-underscore integer types 2017-06-19 14:11:33 -07:00
xfs_iomap.c xfs: update i_size after unwritten conversion in dio completion 2017-09-26 10:55:19 -07:00
xfs_iomap.h xfs: update i_size after unwritten conversion in dio completion 2017-09-26 10:55:19 -07:00
xfs_iops.c xfs: fix compiler warnings 2017-09-02 08:22:19 -07:00
xfs_iops.h xfs: Propagate dentry down to inode_change_ok() 2016-09-22 10:56:19 +02:00
xfs_itable.c xfs: export various function for the online scrubber 2017-06-19 14:11:34 -07:00
xfs_itable.h xfs: export various function for the online scrubber 2017-06-19 14:11:34 -07:00
xfs_linux.h xfs: XFS_IS_REALTIME_INODE() should be false if no rt device present 2017-09-12 20:02:22 -07:00
xfs_log_cil.c xfs: Fix leak of discard bio 2017-08-04 13:43:36 -07:00
xfs_log_priv.h xfs: remove double-underscore integer types 2017-06-19 14:11:33 -07:00
xfs_log_recover.c xfs: fix compiler warnings 2017-09-02 08:22:19 -07:00
xfs_log.c xfs: Fix bool initialization/comparison 2017-10-11 10:21:06 -07:00
xfs_log.h xfs: remove double-underscore integer types 2017-06-19 14:11:33 -07:00
xfs_message.c xfs: define bug_on_assert debug mode sysfs tunable 2017-06-19 08:59:10 -07:00
xfs_message.h
xfs_mount.c xfs: Fix bool initialization/comparison 2017-10-11 10:21:06 -07:00
xfs_mount.h xfs: convert drop_writes to use the errortag mechanism 2017-06-27 18:23:20 -07:00
xfs_mru_cache.c
xfs_mru_cache.h
xfs_ondisk.h xfs: Don't log uninitialised fields in inode structures 2017-10-11 10:21:06 -07:00
xfs_pnfs.c xfs: update i_size after unwritten conversion in dio completion 2017-09-26 10:55:19 -07:00
xfs_pnfs.h xfs: remove i_iolock and use i_rwsem in the VFS inode instead 2016-11-30 14:33:25 +11:00
xfs_qm_bhv.c xfs: remove double-underscore integer types 2017-06-19 14:11:33 -07:00
xfs_qm_syscalls.c xfs: wait on new inodes during quotaoff dquot release 2017-04-28 08:11:08 -07:00
xfs_qm.c xfs: replace xfs_qm_get_rtblks with a direct call to xfs_bmap_count_leaves 2017-09-01 13:08:26 -07:00
xfs_qm.h
xfs_quota.h
xfs_quotaops.c VFS: Convert sb->s_flags & MS_RDONLY to sb_rdonly(sb) 2017-07-17 08:45:34 +01:00
xfs_refcount_item.c xfs: remove the ip argument to xfs_defer_finish 2017-09-01 10:55:30 -07:00
xfs_refcount_item.h xfs: log refcount intent items 2016-10-03 09:11:21 -07:00
xfs_reflink.c xfs: handle racy AIO in xfs_reflink_end_cow 2017-10-03 21:27:55 -07:00
xfs_reflink.h xfs: separate function to check if inode shares extents 2017-06-19 14:11:35 -07:00
xfs_rmap_item.c xfs: better log intent item refcount checking 2017-04-25 09:40:42 -07:00
xfs_rmap_item.h
xfs_rtalloc.c xfs: remove the ip argument to xfs_defer_finish 2017-09-01 10:55:30 -07:00
xfs_rtalloc.h xfs: export various function for the online scrubber 2017-06-19 14:11:34 -07:00
xfs_stats.c xfs: remove double-underscore integer types 2017-06-19 14:11:33 -07:00
xfs_stats.h xfs: remove double-underscore integer types 2017-06-19 14:11:33 -07:00
xfs_super.c xfs: Output warning message when discard option was enabled even though the device does not support discard 2017-09-25 18:22:30 -07:00
xfs_super.h xfs: don't block the log commit handler for discards 2017-02-09 11:36:40 -08:00
xfs_symlink.c xfs: remove the ip argument to xfs_defer_finish 2017-09-01 10:55:30 -07:00
xfs_symlink.h xfs: allow reading of already-locked remote symbolic link 2017-06-20 10:45:22 -07:00
xfs_sysctl.c xfs: garbage collect old cowextsz reservations 2016-10-05 16:26:28 -07:00
xfs_sysctl.h xfs: define bug_on_assert debug mode sysfs tunable 2017-06-19 08:59:10 -07:00
xfs_sysfs.c xfs: replace log_badcrc_factor knob with error injection tag 2017-06-27 18:23:21 -07:00
xfs_sysfs.h
xfs_trace.c xfs: implement the GETFSMAP ioctl 2017-04-03 15:18:17 -07:00
xfs_trace.h xfs: consolidate the various page fault handlers 2017-09-01 10:55:30 -07:00
xfs_trans_ail.c xfs: add log item pinning error injection tag 2017-08-22 09:22:24 -07:00
xfs_trans_bmap.c xfs: try to avoid blowing out the transaction reservation when bunmaping a shared extent 2017-06-19 08:59:10 -07:00
xfs_trans_buf.c xfs: disallow marking previously dirty buffers as ordered 2017-09-01 10:55:30 -07:00
xfs_trans_dquot.c
xfs_trans_extfree.c xfs: set up per-AG free space reservations 2016-09-19 10:30:52 +10:00
xfs_trans_inode.c xfs: refactor xfs_trans_roll 2017-09-01 10:55:30 -07:00
xfs_trans_priv.h xfs: Properly retry failed inode items in case of error during buffer writeback 2017-08-22 09:22:23 -07:00
xfs_trans_refcount.c xfs: connect refcount adjust functions to upper layers 2016-10-03 09:11:22 -07:00
xfs_trans_rmap.c xfs: remove double-underscore integer types 2017-06-19 14:11:33 -07:00
xfs_trans.c xfs: refactor xfs_trans_roll 2017-09-01 10:55:30 -07:00
xfs_trans.h xfs: disallow marking previously dirty buffers as ordered 2017-09-01 10:55:30 -07:00
xfs_xattr.c xfs: several xattr functions can be void 2016-12-05 12:32:14 +11:00
xfs.h xfs: define fatal assert build time tunable 2017-06-19 08:59:10 -07:00