From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Theodore Tso <tytso@mit.edu>,
Amir Goldstein <amir73il@gmail.com>
Subject: [PATCH 3.18 20/67] ext4: fix interaction between i_size, fallocate, and delalloc after a crash
Date: Tue, 28 Nov 2017 11:19:19 +0100 [thread overview]
Message-ID: <20171128100422.864159864@linuxfoundation.org> (raw)
In-Reply-To: <20171128100420.274075224@linuxfoundation.org>
3.18-stable review patch. If anyone has any objections, please let me know.
------------------
From: Theodore Ts'o <tytso@mit.edu>
commit 51e3ae81ec58e95f10a98ef3dd6d7bce5d8e35a2 upstream.
If there are pending writes subject to delayed allocation, then i_size
will show size after the writes have completed, while i_disksize
contains the value of i_size on the disk (since the writes have not
been persisted to disk).
If fallocate(2) is called with the FALLOC_FL_KEEP_SIZE flag, either
with or without the FALLOC_FL_ZERO_RANGE flag set, and the new size
after the fallocate(2) is between i_size and i_disksize, then after a
crash, if a journal commit has resulted in the changes made by the
fallocate() call to be persisted after a crash, but the delayed
allocation write has not resolved itself, i_size would not be updated,
and this would cause the following e2fsck complaint:
Inode 12, end of extent exceeds allowed value
(logical block 33, physical block 33441, len 7)
This can only take place on a sparse file, where the fallocate(2) call
is allocating blocks in a range which is before a pending delayed
allocation write which is extending i_size. Since this situation is
quite rare, and the window in which the crash must take place is
typically < 30 seconds, in practice this condition will rarely happen.
Nevertheless, it can be triggered in testing, and in particular by
xfstests generic/456.
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Reported-by: Amir Goldstein <amir73il@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
fs/ext4/extents.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
--- a/fs/ext4/extents.c
+++ b/fs/ext4/extents.c
@@ -4807,7 +4807,8 @@ static long ext4_zero_range(struct file
}
if (!(mode & FALLOC_FL_KEEP_SIZE) &&
- offset + len > i_size_read(inode)) {
+ (offset + len > i_size_read(inode) ||
+ offset + len > EXT4_I(inode)->i_disksize)) {
new_size = offset + len;
ret = inode_newsize_ok(inode, new_size);
if (ret)
@@ -4951,7 +4952,8 @@ long ext4_fallocate(struct file *file, i
}
if (!(mode & FALLOC_FL_KEEP_SIZE) &&
- offset + len > i_size_read(inode)) {
+ (offset + len > i_size_read(inode) ||
+ offset + len > EXT4_I(inode)->i_disksize)) {
new_size = offset + len;
ret = inode_newsize_ok(inode, new_size);
if (ret)
next prev parent reply other threads:[~2017-11-28 10:21 UTC|newest]
Thread overview: 70+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-11-28 10:18 [PATCH 3.18 00/67] 3.18.85-stable review Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 01/67] s390/disassembler: increase show_code buffer size Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 02/67] ipv6: only call ip6_route_dev_notify() once for NETDEV_UNREGISTER Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 03/67] sched: Make resched_cpu() unconditional Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 04/67] lib/mpi: call cond_resched() from mpi_powm() loop Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 05/67] x86/decoder: Add new TEST instruction pattern Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 06/67] ARM: 8721/1: mm: dump: check hardware RO bit for LPAE Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 07/67] ALSA: hda: Add Raven PCI ID Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 08/67] dm bufio: fix integer overflow when limiting maximum cache size Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 09/67] dm: fix race between dm_get_from_kobject() and __dm_destroy() Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 10/67] MIPS: Fix an n32 core file generation regset support regression Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 11/67] MIPS: BCM47XX: Fix LED inversion for WRT54GSv1 Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 12/67] autofs: dont fail mount for transient error Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 13/67] nilfs2: fix race condition that causes file system corruption Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 14/67] eCryptfs: use after free in ecryptfs_release_messaging() Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 15/67] bcache: check ca->alloc_thread initialized before wake up it Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 16/67] isofs: fix timestamps beyond 2027 Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 17/67] NFS: Fix typo in nomigration mount option Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 18/67] nfs: Fix ugly referral attributes Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 19/67] nfsd: deal with revoked delegations appropriately Greg Kroah-Hartman
2017-11-28 10:19 ` Greg Kroah-Hartman [this message]
2017-11-28 10:19 ` [PATCH 3.18 21/67] ALSA: usb-audio: Add sanity checks to FE parser Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 22/67] ALSA: usb-audio: Fix potential out-of-bound access at parsing SU Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 23/67] ALSA: usb-audio: Add sanity checks in v2 clock parsers Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 24/67] ALSA: timer: Remove kernel warning at compat ioctl error paths Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 25/67] fs/9p: Compare qid.path in v9fs_test_inode Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 26/67] iscsi-target: Fix non-immediate TMR reference leak Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 27/67] KVM: nVMX: set IDTR and GDTR limits when loading L1 host state Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 29/67] clk: ti: dra7-atl-clock: Fix of_node reference counting Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 30/67] clk: ti: dra7-atl-clock: fix child-node lookups Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 31/67] IB/srpt: Do not accept invalid initiator port names Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 32/67] NFC: fix device-allocation error return Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 33/67] time: Always make sure wall_to_monotonic isnt positive Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 34/67] i40e: Use smp_rmb rather than read_barrier_depends Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 35/67] igb: " Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 36/67] igbvf: " Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 37/67] ixgbevf: " Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 38/67] i40evf: " Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 39/67] fm10k: " Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 40/67] ixgbe: Fix skb list corruption on Power systems Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 41/67] parisc: Fix validity check of pointer size argument in new CAS implementation Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 42/67] powerpc/signal: Properly handle return value from uprobe_deny_signal() Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 43/67] media: Dont do DMA on stack for firmware upload in the AS102 driver Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 44/67] media: rc: check for integer overflow Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 45/67] media: v4l2-ctrl: Fix flags field on Control events Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 46/67] net/9p: Switch to wait_event_killable() Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 47/67] mtd: nand: Fix writing mtdoops to nand flash Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 48/67] USB: fix buffer overflows with parsing CDC headers Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 49/67] iio: iio-trig-periodic-rtc: Free trigger resource correctly Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 50/67] e1000e: Fix error path in link detection Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 51/67] e1000e: Fix return value test Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 52/67] e1000e: Separate signaling for link check/link up Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 53/67] RDS: RDMA: return appropriate error on rdma map failures Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 54/67] PCI: Apply _HPX settings only to relevant devices Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 55/67] net: 3com: typhoon: typhoon_init_one: make return values more specific Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 56/67] net: 3com: typhoon: typhoon_init_one: fix incorrect return values Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 57/67] drm/armada: Fix compile fail Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 58/67] ALSA: hda - Apply ALC269_FIXUP_NO_SHUTUP on HDA_FIXUP_ACT_PROBE Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 59/67] mac80211: Remove invalid flag operations in mesh TSF synchronization Greg Kroah-Hartman
2017-11-28 10:19 ` [PATCH 3.18 60/67] mac80211: Suppress NEW_PEER_CANDIDATE event if no room Greg Kroah-Hartman
2017-11-28 10:20 ` [PATCH 3.18 61/67] staging: iio: cdc: fix improper return value Greg Kroah-Hartman
2017-11-28 10:20 ` [PATCH 3.18 62/67] netfilter: nft_queue: use raw_smp_processor_id() Greg Kroah-Hartman
2017-11-28 10:20 ` [PATCH 3.18 63/67] netfilter: nf_tables: fix oob access Greg Kroah-Hartman
2017-11-28 10:20 ` [PATCH 3.18 64/67] btrfs: return the actual error value from from btrfs_uuid_tree_iterate Greg Kroah-Hartman
2017-11-28 10:20 ` [PATCH 3.18 65/67] ASoC: wm_adsp: Dont overrun firmware file buffer when reading region data Greg Kroah-Hartman
2017-11-28 10:20 ` [PATCH 3.18 66/67] s390/kbuild: enable modversions for symbols exported from asm Greg Kroah-Hartman
2017-11-28 10:20 ` [PATCH 3.18 67/67] xen: xenbus driver must not accept invalid transaction ids Greg Kroah-Hartman
2017-11-28 19:37 ` [PATCH 3.18 00/67] 3.18.85-stable review Shuah Khan
2017-11-29 6:33 ` Greg Kroah-Hartman
2017-11-28 21:50 ` Guenter Roeck
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171128100422.864159864@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=amir73il@gmail.com \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.