All of lore.kernel.org
 help / color / mirror / Atom feed
From: Andrew Morton <akpm@zip.com.au>
To: Andrea Arcangeli <andrea@suse.de>
Cc: Alexander Viro <viro@math.psu.edu>, lkml <linux-kernel@vger.kernel.org>
Subject: Re: [patch] truncate fixes
Date: Sun, 06 Jan 2002 20:28:37 -0800	[thread overview]
Message-ID: <3C3923F5.485668AA@zip.com.au> (raw)
In-Reply-To: <3C36DEA9.AEA2A402@zip.com.au>, <3C36DEA9.AEA2A402@zip.com.au>; <20020107043236.J1561@athlon.random> <3C391A96.63FDBA8@zip.com.au>, <3C391A96.63FDBA8@zip.com.au>; from akpm@zip.com.au on Sun, Jan 06, 2002 at 07:48:38PM -0800 <20020107051259.L1561@athlon.random>

Andrea Arcangeli wrote:
> 
> > (I think I'll add a buffer_mapped() test to this code as well.  It's
> > a bit redundant because the fs shouldn't go setting BH_New and not
> > BH_Mapped, but this code is _very_ rarely executed, and I haven't
> > tested all filesystems...)
> 
> correct, it shouldn't be necessary. I wouldn't add it. if a fs breaks the
> buffer_new semantics it's the one that should be fixed methinks.

You mean "don't be lazy.  Audit all the filesystems"?  Sigh.  OK.
 
> >
> > @@ -1633,12 +1660,22 @@ static int __block_prepare_write(struct
> >          */
> >         while(wait_bh > wait) {
> >                 wait_on_buffer(*--wait_bh);
> > -               err = -EIO;
> >                 if (!buffer_uptodate(*wait_bh))
> > -                       goto out;
> > +                       return -EIO;
> >         }
> >         return 0;
> >  out:
> > +       bh = head;
> > +       block_start = 0;
> > +       do {
> > +               if (buffer_new(bh) && buffer_mapped(bh) && !buffer_uptodate(bh)) {
> > +                       memset(kaddr+block_start, 0, bh->b_size);
> > +                       set_bit(BH_Uptodate, &bh->b_state);
> > +                       mark_buffer_dirty(bh);
> > +               }
> > +               block_start += bh->b_size;
> > +               bh = bh->b_this_page;
> > +       } while (bh != head);
> 
> I found another problem,  we really need to keep track of which bh are
> been created by us during the failing prepare_write (buffer_new right
> now, not a long time ago), or we risk to corrupt data with a write
> passing over many bh, where the first bh of the page contained vaild
> data since a long time ago.  To do this: 1) we either keep track of it
> on the kernel stack with some local variable or 2) we change
> the buffer_new semantics so that they indicate an "instant buffer_new"
> to clear just after checking it

Fair enough.  How does this (untested) approach look?


@@ -1600,6 +1627,7 @@ static int __block_prepare_write(struct 
                if (block_start >= to)
                        break;
                if (!buffer_mapped(bh)) {
+                       clear_bit(BH_New, &bh->b_state);
                        err = get_block(inode, block, bh, 1);
                        if (err)
                                goto out;
@@ -1633,12 +1661,30 @@ static int __block_prepare_write(struct 
         */
        while(wait_bh > wait) {
                wait_on_buffer(*--wait_bh);
-               err = -EIO;
                if (!buffer_uptodate(*wait_bh))
-                       goto out;
+                       return -EIO;
        }
        return 0;
 out:
+       /*
+        * Zero out any newly allocated blocks to avoid exposing stale
+        * data.  If BH_New is set, we know that the block was newly
+        * allocated in the above loop.
+        */
+       bh = head;
+       block_start = 0;
+       do {
+               if (buffer_new(bh)) {
+                       if (buffer_uptodate(bh))
+                               printk(KERN_ERR __FUNCTION__
+                                       ": zeroing uptodate buffer!\n");
+                       memset(kaddr+block_start, 0, bh->b_size);
+                       set_bit(BH_Uptodate, &bh->b_state);
+                       mark_buffer_dirty(bh);
+               }
+               block_start += bh->b_size;
+               bh = bh->b_this_page;
+       } while (bh != head);
        return err;
 }

  reply	other threads:[~2002-01-07  4:34 UTC|newest]

Thread overview: 13+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2002-01-05 11:08 [patch] truncate fixes Andrew Morton
2002-01-07  2:46 ` Andrea Arcangeli
2002-01-07  2:53   ` Andrew Morton
2002-01-07  3:16     ` Andrea Arcangeli
2002-01-07  5:24     ` Alexander Viro
2002-01-07  3:11   ` Andrew Morton
2002-01-07  3:58     ` Andrea Arcangeli
2002-01-07  3:32 ` Andrea Arcangeli
2002-01-07  3:48   ` Andrew Morton
2002-01-07  4:12     ` Andrea Arcangeli
2002-01-07  4:28       ` Andrew Morton [this message]
2002-01-07  5:09         ` Andrea Arcangeli
2002-01-07 12:41         ` Daniel Phillips

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=3C3923F5.485668AA@zip.com.au \
    --to=akpm@zip.com.au \
    --cc=andrea@suse.de \
    --cc=linux-kernel@vger.kernel.org \
    --cc=viro@math.psu.edu \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.