From: Gao Xiang <xiang@kernel.org>
To: Yue Hu <zbestahu@163.com>
Cc: linux-erofs@lists.ozlabs.org, linux-kernel@vger.kernel.org,
Yue Hu <huyue2@coolpad.com>,
zhangwen@coolpad.com
Subject: Re: [PATCH] erofs: fix the unmapped access in z_erofs_fill_inode_lazy()
Date: Wed, 5 Oct 2022 00:08:21 +0800 [thread overview]
Message-ID: <YzxadSy1YToNHQGr@debian> (raw)
In-Reply-To: <20221004144951.31075-1-zbestahu@163.com>
On Tue, Oct 04, 2022 at 10:49:51PM +0800, Yue Hu wrote:
> From: Yue Hu <huyue2@coolpad.com>
>
> Note that we are still accessing 'h_idata_size' and 'h_fragmentoff'
> after calling erofs_put_metabuf(), that is not correct. Fix it.
>
> Fixes: ab92184ff8f1 ("add on-disk compressed tail-packing inline support")
> Fixes: b15b2e307c3a ("support on-disk compressed fragments data")
> Signed-off-by: Yue Hu <huyue2@coolpad.com>
> ---
> fs/erofs/zmap.c | 15 +++++++--------
> 1 file changed, 7 insertions(+), 8 deletions(-)
>
erofs: fix invalid unmapped accesses in z_erofs_fill_inode_lazy()
> diff --git a/fs/erofs/zmap.c b/fs/erofs/zmap.c
> index 44c27ef39c43..1a15bbf18ba3 100644
> --- a/fs/erofs/zmap.c
> +++ b/fs/erofs/zmap.c
> @@ -58,7 +58,7 @@ static int z_erofs_fill_inode_lazy(struct inode *inode)
> pos = ALIGN(iloc(EROFS_SB(sb), vi->nid) + vi->inode_isize +
> vi->xattr_isize, 8);
> kaddr = erofs_read_metabuf(&buf, sb, erofs_blknr(pos),
> - EROFS_KMAP_ATOMIC);
> + EROFS_KMAP);
kaddr = erofs_read_metabuf(&buf, sb, erofs_blknr(pos), EROFS_KMAP); ?
Also I will use kmap_local later to replace kmap and kmap_atomic if
possible.
> if (IS_ERR(kaddr)) {
> err = PTR_ERR(kaddr);
> goto out_unlock;
> @@ -73,7 +73,7 @@ static int z_erofs_fill_inode_lazy(struct inode *inode)
> vi->z_advise = Z_EROFS_ADVISE_FRAGMENT_PCLUSTER;
> vi->z_fragmentoff = le64_to_cpu(*(__le64 *)h) ^ (1ULL << 63);
> vi->z_tailextent_headlcn = 0;
> - goto unmap_done;
> + goto init_done;
> }
> vi->z_advise = le16_to_cpu(h->h_advise);
> vi->z_algorithmtype[0] = h->h_algorithmtype & 15;
> @@ -105,10 +105,6 @@ static int z_erofs_fill_inode_lazy(struct inode *inode)
> err = -EFSCORRUPTED;
> goto unmap_done;
> }
> -unmap_done:
> - erofs_put_metabuf(&buf);
> - if (err)
> - goto out_unlock;
>
> if (vi->z_advise & Z_EROFS_ADVISE_INLINE_PCLUSTER) {
> struct erofs_map_blocks map = {
> @@ -127,7 +123,7 @@ static int z_erofs_fill_inode_lazy(struct inode *inode)
> err = -EFSCORRUPTED;
> }
> if (err < 0)
> - goto out_unlock;
> + goto unmap_done;
> }
>
> if (vi->z_advise & Z_EROFS_ADVISE_FRAGMENT_PCLUSTER &&
> @@ -141,11 +137,14 @@ static int z_erofs_fill_inode_lazy(struct inode *inode)
> EROFS_GET_BLOCKS_FINDTAIL);
> erofs_put_metabuf(&map.buf);
> if (err < 0)
> - goto out_unlock;
> + goto unmap_done;
> }
> +init_done:
done:
> /* paired with smp_mb() at the beginning of the function */
> smp_mb();
> set_bit(EROFS_I_Z_INITED_BIT, &vi->flags);
> +unmap_done:
out_put_metabuf:
Thanks,
Gao Xiang
> + erofs_put_metabuf(&buf);
> out_unlock:
> clear_and_wake_up_bit(EROFS_I_BL_Z_BIT, &vi->flags);
> return err;
> --
> 2.25.1
>
WARNING: multiple messages have this Message-ID (diff)
From: Gao Xiang <xiang@kernel.org>
To: Yue Hu <zbestahu@163.com>
Cc: chao@kernel.org, linux-erofs@lists.ozlabs.org,
linux-kernel@vger.kernel.org, zhangwen@coolpad.com,
Yue Hu <huyue2@coolpad.com>
Subject: Re: [PATCH] erofs: fix the unmapped access in z_erofs_fill_inode_lazy()
Date: Wed, 5 Oct 2022 00:08:21 +0800 [thread overview]
Message-ID: <YzxadSy1YToNHQGr@debian> (raw)
In-Reply-To: <20221004144951.31075-1-zbestahu@163.com>
On Tue, Oct 04, 2022 at 10:49:51PM +0800, Yue Hu wrote:
> From: Yue Hu <huyue2@coolpad.com>
>
> Note that we are still accessing 'h_idata_size' and 'h_fragmentoff'
> after calling erofs_put_metabuf(), that is not correct. Fix it.
>
> Fixes: ab92184ff8f1 ("add on-disk compressed tail-packing inline support")
> Fixes: b15b2e307c3a ("support on-disk compressed fragments data")
> Signed-off-by: Yue Hu <huyue2@coolpad.com>
> ---
> fs/erofs/zmap.c | 15 +++++++--------
> 1 file changed, 7 insertions(+), 8 deletions(-)
>
erofs: fix invalid unmapped accesses in z_erofs_fill_inode_lazy()
> diff --git a/fs/erofs/zmap.c b/fs/erofs/zmap.c
> index 44c27ef39c43..1a15bbf18ba3 100644
> --- a/fs/erofs/zmap.c
> +++ b/fs/erofs/zmap.c
> @@ -58,7 +58,7 @@ static int z_erofs_fill_inode_lazy(struct inode *inode)
> pos = ALIGN(iloc(EROFS_SB(sb), vi->nid) + vi->inode_isize +
> vi->xattr_isize, 8);
> kaddr = erofs_read_metabuf(&buf, sb, erofs_blknr(pos),
> - EROFS_KMAP_ATOMIC);
> + EROFS_KMAP);
kaddr = erofs_read_metabuf(&buf, sb, erofs_blknr(pos), EROFS_KMAP); ?
Also I will use kmap_local later to replace kmap and kmap_atomic if
possible.
> if (IS_ERR(kaddr)) {
> err = PTR_ERR(kaddr);
> goto out_unlock;
> @@ -73,7 +73,7 @@ static int z_erofs_fill_inode_lazy(struct inode *inode)
> vi->z_advise = Z_EROFS_ADVISE_FRAGMENT_PCLUSTER;
> vi->z_fragmentoff = le64_to_cpu(*(__le64 *)h) ^ (1ULL << 63);
> vi->z_tailextent_headlcn = 0;
> - goto unmap_done;
> + goto init_done;
> }
> vi->z_advise = le16_to_cpu(h->h_advise);
> vi->z_algorithmtype[0] = h->h_algorithmtype & 15;
> @@ -105,10 +105,6 @@ static int z_erofs_fill_inode_lazy(struct inode *inode)
> err = -EFSCORRUPTED;
> goto unmap_done;
> }
> -unmap_done:
> - erofs_put_metabuf(&buf);
> - if (err)
> - goto out_unlock;
>
> if (vi->z_advise & Z_EROFS_ADVISE_INLINE_PCLUSTER) {
> struct erofs_map_blocks map = {
> @@ -127,7 +123,7 @@ static int z_erofs_fill_inode_lazy(struct inode *inode)
> err = -EFSCORRUPTED;
> }
> if (err < 0)
> - goto out_unlock;
> + goto unmap_done;
> }
>
> if (vi->z_advise & Z_EROFS_ADVISE_FRAGMENT_PCLUSTER &&
> @@ -141,11 +137,14 @@ static int z_erofs_fill_inode_lazy(struct inode *inode)
> EROFS_GET_BLOCKS_FINDTAIL);
> erofs_put_metabuf(&map.buf);
> if (err < 0)
> - goto out_unlock;
> + goto unmap_done;
> }
> +init_done:
done:
> /* paired with smp_mb() at the beginning of the function */
> smp_mb();
> set_bit(EROFS_I_Z_INITED_BIT, &vi->flags);
> +unmap_done:
out_put_metabuf:
Thanks,
Gao Xiang
> + erofs_put_metabuf(&buf);
> out_unlock:
> clear_and_wake_up_bit(EROFS_I_BL_Z_BIT, &vi->flags);
> return err;
> --
> 2.25.1
>
next prev parent reply other threads:[~2022-10-04 16:08 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-10-04 14:49 [PATCH] erofs: fix the unmapped access in z_erofs_fill_inode_lazy() Yue Hu
2022-10-04 14:49 ` Yue Hu
2022-10-04 16:08 ` Gao Xiang [this message]
2022-10-04 16:08 ` Gao Xiang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YzxadSy1YToNHQGr@debian \
--to=xiang@kernel.org \
--cc=huyue2@coolpad.com \
--cc=linux-erofs@lists.ozlabs.org \
--cc=linux-kernel@vger.kernel.org \
--cc=zbestahu@163.com \
--cc=zhangwen@coolpad.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.