From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: stable@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
patches@lists.linux.dev, linux-xfs@vger.kernel.org,
"Darrick J. Wong" <djwong@kernel.org>,
Dave Chinner <dchinner@redhat.com>,
Christoph Hellwig <hch@lst.de>,
Catherine Hoang <catherine.hoang@oracle.com>
Subject: [PATCH 6.6 263/396] xfs: make xchk_iget safer in the presence of corrupt inode btrees
Date: Mon, 1 Apr 2024 17:45:12 +0200 [thread overview]
Message-ID: <20240401152555.747717568@linuxfoundation.org> (raw)
In-Reply-To: <20240401152547.867452742@linuxfoundation.org>
6.6-stable review patch. If anyone has any objections, please let me know.
------------------
From: "Darrick J. Wong" <djwong@kernel.org>
commit 3f113c2739b1b068854c7ffed635c2bd790d1492 upstream.
When scrub is trying to iget an inode, ensure that it won't end up
deadlocked on a cycle in the inode btree by using an empty transaction
to store all the buffers.
Signed-off-by: Darrick J. Wong <djwong@kernel.org>
Reviewed-by: Dave Chinner <dchinner@redhat.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Catherine Hoang <catherine.hoang@oracle.com>
Acked-by: Darrick J. Wong <djwong@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
fs/xfs/scrub/common.c | 6 ++++--
fs/xfs/scrub/common.h | 25 +++++++++++++++++++++++++
fs/xfs/scrub/inode.c | 4 ++--
3 files changed, 31 insertions(+), 4 deletions(-)
--- a/fs/xfs/scrub/common.c
+++ b/fs/xfs/scrub/common.c
@@ -733,6 +733,8 @@ xchk_iget(
xfs_ino_t inum,
struct xfs_inode **ipp)
{
+ ASSERT(sc->tp != NULL);
+
return xfs_iget(sc->mp, sc->tp, inum, XFS_IGET_UNTRUSTED, 0, ipp);
}
@@ -882,8 +884,8 @@ xchk_iget_for_scrubbing(
if (!xfs_verify_ino(sc->mp, sc->sm->sm_ino))
return -ENOENT;
- /* Try a regular untrusted iget. */
- error = xchk_iget(sc, sc->sm->sm_ino, &ip);
+ /* Try a safe untrusted iget. */
+ error = xchk_iget_safe(sc, sc->sm->sm_ino, &ip);
if (!error)
return xchk_install_handle_inode(sc, ip);
if (error == -ENOENT)
--- a/fs/xfs/scrub/common.h
+++ b/fs/xfs/scrub/common.h
@@ -151,6 +151,11 @@ void xchk_iunlock(struct xfs_scrub *sc,
void xchk_buffer_recheck(struct xfs_scrub *sc, struct xfs_buf *bp);
+/*
+ * Grab the inode at @inum. The caller must have created a scrub transaction
+ * so that we can confirm the inumber by walking the inobt and not deadlock on
+ * a loop in the inobt.
+ */
int xchk_iget(struct xfs_scrub *sc, xfs_ino_t inum, struct xfs_inode **ipp);
int xchk_iget_agi(struct xfs_scrub *sc, xfs_ino_t inum,
struct xfs_buf **agi_bpp, struct xfs_inode **ipp);
@@ -158,6 +163,26 @@ void xchk_irele(struct xfs_scrub *sc, st
int xchk_install_handle_inode(struct xfs_scrub *sc, struct xfs_inode *ip);
/*
+ * Safe version of (untrusted) xchk_iget that uses an empty transaction to
+ * avoid deadlocking on loops in the inobt. This should only be used in a
+ * scrub or repair setup routine, and only prior to grabbing a transaction.
+ */
+static inline int
+xchk_iget_safe(struct xfs_scrub *sc, xfs_ino_t inum, struct xfs_inode **ipp)
+{
+ int error;
+
+ ASSERT(sc->tp == NULL);
+
+ error = xchk_trans_alloc(sc, 0);
+ if (error)
+ return error;
+ error = xchk_iget(sc, inum, ipp);
+ xchk_trans_cancel(sc);
+ return error;
+}
+
+/*
* Don't bother cross-referencing if we already found corruption or cross
* referencing discrepancies.
*/
--- a/fs/xfs/scrub/inode.c
+++ b/fs/xfs/scrub/inode.c
@@ -94,8 +94,8 @@ xchk_setup_inode(
if (!xfs_verify_ino(sc->mp, sc->sm->sm_ino))
return -ENOENT;
- /* Try a regular untrusted iget. */
- error = xchk_iget(sc, sc->sm->sm_ino, &ip);
+ /* Try a safe untrusted iget. */
+ error = xchk_iget_safe(sc, sc->sm->sm_ino, &ip);
if (!error)
return xchk_install_handle_iscrub(sc, ip);
if (error == -ENOENT)
next prev parent reply other threads:[~2024-04-01 16:49 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20240401152547.867452742@linuxfoundation.org>
2024-04-01 15:45 ` [PATCH 6.6 253/396] xfs: move the xfs_rtbitmap.c declarations to xfs_rtbitmap.h Greg Kroah-Hartman
2024-04-01 15:45 ` [PATCH 6.6 254/396] xfs: convert rt bitmap extent lengths to xfs_rtbxlen_t Greg Kroah-Hartman
2024-04-01 15:45 ` [PATCH 6.6 255/396] xfs: consider minlen sized extents in xfs_rtallocate_extent_block Greg Kroah-Hartman
2024-04-01 15:45 ` [PATCH 6.6 256/396] xfs: dont leak recovered attri intent items Greg Kroah-Hartman
2024-04-01 15:45 ` [PATCH 6.6 257/396] xfs: use xfs_defer_pending objects to recover " Greg Kroah-Hartman
2024-04-01 15:45 ` [PATCH 6.6 258/396] xfs: pass the xfs_defer_pending object to iop_recover Greg Kroah-Hartman
2024-04-01 15:45 ` [PATCH 6.6 259/396] xfs: transfer recovered intent item ownership in ->iop_recover Greg Kroah-Hartman
2024-04-01 15:45 ` [PATCH 6.6 260/396] xfs: make rextslog computation consistent with mkfs Greg Kroah-Hartman
2024-04-01 15:45 ` [PATCH 6.6 261/396] xfs: fix 32-bit truncation in xfs_compute_rextslog Greg Kroah-Hartman
2024-04-01 15:45 ` [PATCH 6.6 262/396] xfs: dont allow overly small or large realtime volumes Greg Kroah-Hartman
2024-04-01 15:45 ` Greg Kroah-Hartman [this message]
2024-04-01 15:45 ` [PATCH 6.6 264/396] xfs: remove unused fields from struct xbtree_ifakeroot Greg Kroah-Hartman
2024-04-01 15:45 ` [PATCH 6.6 265/396] xfs: recompute growfsrtfree transaction reservation while growing rt volume Greg Kroah-Hartman
2024-04-01 15:45 ` [PATCH 6.6 266/396] xfs: fix an off-by-one error in xreap_agextent_binval Greg Kroah-Hartman
2024-04-01 15:45 ` [PATCH 6.6 267/396] xfs: force all buffers to be written during btree bulk load Greg Kroah-Hartman
2024-04-01 15:45 ` [PATCH 6.6 268/396] xfs: add missing nrext64 inode flag check to scrub Greg Kroah-Hartman
2024-04-01 15:45 ` [PATCH 6.6 269/396] xfs: initialise di_crc in xfs_log_dinode Greg Kroah-Hartman
2024-04-01 15:45 ` [PATCH 6.6 270/396] xfs: short circuit xfs_growfs_data_private() if delta is zero Greg Kroah-Hartman
2024-04-01 15:45 ` [PATCH 6.6 271/396] xfs: add lock protection when remove perag from radix tree Greg Kroah-Hartman
2024-04-01 15:45 ` [PATCH 6.6 272/396] xfs: fix perag leak when growfs fails Greg Kroah-Hartman
2024-04-01 15:45 ` [PATCH 6.6 273/396] xfs: ensure logflagsp is initialized in xfs_bmap_del_extent_real Greg Kroah-Hartman
2024-04-01 15:45 ` [PATCH 6.6 274/396] xfs: update dir3 leaf block metadata after swap Greg Kroah-Hartman
2024-04-01 15:45 ` [PATCH 6.6 275/396] xfs: reset XFS_ATTR_INCOMPLETE filter on node removal Greg Kroah-Hartman
2024-04-01 15:45 ` [PATCH 6.6 276/396] xfs: remove conditional building of rt geometry validator functions Greg Kroah-Hartman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240401152555.747717568@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=catherine.hoang@oracle.com \
--cc=dchinner@redhat.com \
--cc=djwong@kernel.org \
--cc=hch@lst.de \
--cc=linux-xfs@vger.kernel.org \
--cc=patches@lists.linux.dev \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox