From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5BBB7145350; Thu, 11 Apr 2024 10:16:45 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1712830605; cv=none; b=s45GELQB3HMzTHEwX6VePIks0qarmdUG5raNGywcTz6fAtxN4YLz9rhPweHrs4eZI0CAxySXJ2ieDh1X4SRCMCtguj0qIhfpr0TptrZHX2mf8i9mequQOLTpt4sWSbxvkSv/UJaTUWlnGifK/Kv+vEk1YODCpnv5hO1V9OeYOaA= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1712830605; c=relaxed/simple; bh=D2SLecGdFmBGJJj2o7giNfEe1U53cF2DwZQjZRKOLvM=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=iwTyCBGLfVx34eJed5deZFY7R23jOW6bc6gFVf//dS8MxYgX5a+SjCsnqzl9ePxVWzfL3XzTQpIFyDjevERDvegA54z0T0XEnyC4pONB8QH2x/pvyH2gM01o7zmhfy4ROwyo5ySExOmmdz6809mkvtb31pEkLhMe5RF+mAPZtDM= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linuxfoundation.org header.i=@linuxfoundation.org header.b=VekfEFTe; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linuxfoundation.org header.i=@linuxfoundation.org header.b="VekfEFTe" Received: by smtp.kernel.org (Postfix) with ESMTPSA id D2AD2C433F1; Thu, 11 Apr 2024 10:16:44 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1712830605; bh=D2SLecGdFmBGJJj2o7giNfEe1U53cF2DwZQjZRKOLvM=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=VekfEFTewuz1DGFv3Jcadlt9mpvWN9ClrsBpzhLl3j5FqQ/bBryt454WPAwhW5lNi Py8ocQ0XTE6yjMXtqD2TGBOo5eflORk6lBm/Td9TbAIPhWFMdzKBT4Z7nZljvXlJPb GucNrzWR4Qug7CIQRR56w/pHVb36U3h53iTEKBv8= From: Greg Kroah-Hartman To: stable@vger.kernel.org Cc: Greg Kroah-Hartman , patches@lists.linux.dev, Maximilian Heyne , Srivathsa Dara , Theodore Tso , Sasha Levin Subject: [PATCH 5.4 055/215] ext4: fix corruption during on-line resize Date: Thu, 11 Apr 2024 11:54:24 +0200 Message-ID: <20240411095426.547600293@linuxfoundation.org> X-Mailer: git-send-email 2.44.0 In-Reply-To: <20240411095424.875421572@linuxfoundation.org> References: <20240411095424.875421572@linuxfoundation.org> User-Agent: quilt/0.67 X-stable: review X-Patchwork-Hint: ignore Precedence: bulk X-Mailing-List: stable@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit 5.4-stable review patch. If anyone has any objections, please let me know. ------------------ From: Maximilian Heyne [ Upstream commit a6b3bfe176e8a5b05ec4447404e412c2a3fc92cc ] We observed a corruption during on-line resize of a file system that is larger than 16 TiB with 4k block size. With having more then 2^32 blocks resize_inode is turned off by default by mke2fs. The issue can be reproduced on a smaller file system for convenience by explicitly turning off resize_inode. An on-line resize across an 8 GiB boundary (the size of a meta block group in this setup) then leads to a corruption: dev=/dev/ # should be >= 16 GiB mkdir -p /corruption /sbin/mke2fs -t ext4 -b 4096 -O ^resize_inode $dev $((2 * 2**21 - 2**15)) mount -t ext4 $dev /corruption dd if=/dev/zero bs=4096 of=/corruption/test count=$((2*2**21 - 4*2**15)) sha1sum /corruption/test # 79d2658b39dcfd77274e435b0934028adafaab11 /corruption/test /sbin/resize2fs $dev $((2*2**21)) # drop page cache to force reload the block from disk echo 1 > /proc/sys/vm/drop_caches sha1sum /corruption/test # 3c2abc63cbf1a94c9e6977e0fbd72cd832c4d5c3 /corruption/test 2^21 = 2^15*2^6 equals 8 GiB whereof 2^15 is the number of blocks per block group and 2^6 are the number of block groups that make a meta block group. The last checksum might be different depending on how the file is laid out across the physical blocks. The actual corruption occurs at physical block 63*2^15 = 2064384 which would be the location of the backup of the meta block group's block descriptor. During the on-line resize the file system will be converted to meta_bg starting at s_first_meta_bg which is 2 in the example - meaning all block groups after 16 GiB. However, in ext4_flex_group_add we might add block groups that are not part of the first meta block group yet. In the reproducer we achieved this by substracting the size of a whole block group from the point where the meta block group would start. This must be considered when updating the backup block group descriptors to follow the non-meta_bg layout. The fix is to add a test whether the group to add is already part of the meta block group or not. Fixes: 01f795f9e0d67 ("ext4: add online resizing support for meta_bg and 64-bit file systems") Cc: Signed-off-by: Maximilian Heyne Tested-by: Srivathsa Dara Reviewed-by: Srivathsa Dara Link: https://lore.kernel.org/r/20240215155009.94493-1-mheyne@amazon.de Signed-off-by: Theodore Ts'o Signed-off-by: Sasha Levin --- fs/ext4/resize.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/fs/ext4/resize.c b/fs/ext4/resize.c index 409b4ad28e718..d4431ca0c10e3 100644 --- a/fs/ext4/resize.c +++ b/fs/ext4/resize.c @@ -1567,7 +1567,8 @@ static int ext4_flex_group_add(struct super_block *sb, int gdb_num = group / EXT4_DESC_PER_BLOCK(sb); int gdb_num_end = ((group + flex_gd->count - 1) / EXT4_DESC_PER_BLOCK(sb)); - int meta_bg = ext4_has_feature_meta_bg(sb); + int meta_bg = ext4_has_feature_meta_bg(sb) && + gdb_num >= le32_to_cpu(es->s_first_meta_bg); sector_t padding_blocks = meta_bg ? 0 : sbi->s_sbh->b_blocknr - ext4_group_first_block_no(sb, 0); sector_t old_gdb = 0; -- 2.43.0