linux/fs/ext4
Qian Cai 35df4299a6 ext4: fix a data race in EXT4_I(inode)->i_disksize
EXT4_I(inode)->i_disksize could be accessed concurrently as noticed by
KCSAN,

 BUG: KCSAN: data-race in ext4_write_end [ext4] / ext4_writepages [ext4]

 write to 0xffff91c6713b00f8 of 8 bytes by task 49268 on cpu 127:
  ext4_write_end+0x4e3/0x750 [ext4]
  ext4_update_i_disksize at fs/ext4/ext4.h:3032
  (inlined by) ext4_update_inode_size at fs/ext4/ext4.h:3046
  (inlined by) ext4_write_end at fs/ext4/inode.c:1287
  generic_perform_write+0x208/0x2a0
  ext4_buffered_write_iter+0x11f/0x210 [ext4]
  ext4_file_write_iter+0xce/0x9e0 [ext4]
  new_sync_write+0x29c/0x3b0
  __vfs_write+0x92/0xa0
  vfs_write+0x103/0x260
  ksys_write+0x9d/0x130
  __x64_sys_write+0x4c/0x60
  do_syscall_64+0x91/0xb47
  entry_SYSCALL_64_after_hwframe+0x49/0xbe

 read to 0xffff91c6713b00f8 of 8 bytes by task 24872 on cpu 37:
  ext4_writepages+0x10ac/0x1d00 [ext4]
  mpage_map_and_submit_extent at fs/ext4/inode.c:2468
  (inlined by) ext4_writepages at fs/ext4/inode.c:2772
  do_writepages+0x5e/0x130
  __writeback_single_inode+0xeb/0xb20
  writeback_sb_inodes+0x429/0x900
  __writeback_inodes_wb+0xc4/0x150
  wb_writeback+0x4bd/0x870
  wb_workfn+0x6b4/0x960
  process_one_work+0x54c/0xbe0
  worker_thread+0x80/0x650
  kthread+0x1e0/0x200
  ret_from_fork+0x27/0x50

 Reported by Kernel Concurrency Sanitizer on:
 CPU: 37 PID: 24872 Comm: kworker/u261:2 Tainted: G        W  O L 5.5.0-next-20200204+ #5
 Hardware name: HPE ProLiant DL385 Gen10/ProLiant DL385 Gen10, BIOS A40 07/10/2019
 Workqueue: writeback wb_workfn (flush-7:0)

Since only the read is operating as lockless (outside of the
"i_data_sem"), load tearing could introduce a logic bug. Fix it by
adding READ_ONCE() for the read and WRITE_ONCE() for the write.

Signed-off-by: Qian Cai <cai@lca.pw>
Link: https://lore.kernel.org/r/1581085751-31793-1-git-send-email-cai@lca.pw
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Cc: stable@kernel.org
2020-02-19 23:17:02 -05:00
acl.c ext4: compare old and new mode before setting update_mode flag 2018-12-10 00:22:38 -05:00
acl.h ext4: fix up remaining files with SPDX cleanups 2017-12-17 22:00:59 -05:00
balloc.c ext4: simulate various I/O and checksum errors when reading metadata 2019-12-26 11:28:31 -05:00
bitmap.c
block_validity.c ext4: add cond_resched() to ext4_protect_reserved_inode 2020-02-13 11:56:26 -05:00
dir.c ext4: fix checksum errors with indexed dirs 2020-02-13 11:56:19 -05:00
ext4_extents.h ext4: make some functions static in extents.c 2020-01-17 16:24:54 -05:00
ext4_jbd2.c ext4: uninline ext4_inode_journal_mode() 2020-01-17 16:24:52 -05:00
ext4_jbd2.h ext4: uninline ext4_inode_journal_mode() 2020-01-17 16:24:52 -05:00
ext4.h ext4: fix a data race in EXT4_I(inode)->i_disksize 2020-02-19 23:17:02 -05:00
extents_status.c ext4: use percpu_counters for extent_status cache hits/misses 2019-08-28 11:19:23 -04:00
extents_status.h ext4: fix extent_status trace points 2020-01-25 02:03:03 -05:00
extents.c ext4: fix extent_status fragmentation for plain files 2020-01-23 12:02:15 -05:00
file.c ext4: Optimize ext4 DIO overwrites 2019-12-26 11:57:18 -05:00
fsmap.c ext4: fix miscellaneous sparse warnings 2019-05-12 04:49:47 -04:00
fsmap.h ext4: fix up remaining files with SPDX cleanups 2017-12-17 22:00:59 -05:00
fsync.c ext4: update ext4_sync_file() to not use __generic_file_fsync() 2019-11-05 11:31:40 -05:00
hash.c ext4: fix kernel oops caused by spurious casefold flag 2019-09-03 01:43:17 -04:00
ialloc.c ext4: simulate various I/O and checksum errors when reading metadata 2019-12-26 11:28:31 -05:00
indirect.c ext4: remove ext4_{ind,ext}_calc_metadata_amount() 2020-01-17 16:24:54 -05:00
inline.c ext4,jbd2: fix comment and code style 2020-01-25 02:24:53 -05:00
inode-test.c kunit: allow kunit tests to be loaded as a module 2020-01-09 16:42:29 -07:00
inode.c ext4: fix a data race in EXT4_I(inode)->i_disksize 2020-02-19 23:17:02 -05:00
ioctl.c ext4: Add EXT4_IOC_FSGETXATTR/EXT4_IOC_FSSETXATTR to compat_ioctl 2020-01-17 16:24:55 -05:00
Kconfig This merge window, we've added some performance improvements in how we 2020-01-30 15:17:05 -08:00
Makefile kunit: allow kunit tests to be loaded as a module 2020-01-09 16:42:29 -07:00
mballoc.c ext4: save the error code which triggered an ext4_error() in the superblock 2019-12-26 11:28:23 -05:00
mballoc.h ext4: fix up remaining files with SPDX cleanups 2017-12-17 22:00:59 -05:00
migrate.c ext4: Reserve revoke credits for freed blocks 2019-11-05 16:00:49 -05:00
mmp.c ext4: don't assume that mmp_nodename/bdevname have NUL 2020-02-13 11:53:10 -05:00
move_extent.c ext4: use jbd2_inode dirty range scoping 2019-06-20 17:26:26 -04:00
namei.c ext4: fix checksum errors with indexed dirs 2020-02-13 11:56:19 -05:00
page-io.c ext4: fix deadlock allocating crypto bounce page from mempool 2020-01-17 16:24:54 -05:00
readpage.c ext4: remove unneeded check for error allocating bio_post_read_ctx 2020-01-17 16:24:54 -05:00
resize.c ext4: drop ext4_kvmalloc() 2020-01-17 16:24:55 -05:00
super.c Miscellaneous ext4 bug fixes (all stable fodder) 2020-02-16 11:12:06 -08:00
symlink.c ext4: switch to fscrypt_get_symlink() 2018-01-11 22:10:40 -05:00
sysfs.c ext4: export information about first/last errors via /sys/fs/ext4/<dev> 2019-12-26 11:29:10 -05:00
truncate.h ext4: handle layout changes to pinned DAX mappings 2018-07-29 17:00:22 -04:00
verity.c fs-verity: implement readahead of Merkle tree pages 2020-01-14 13:27:32 -08:00
xattr_security.c ext4: use XATTR_CREATE in ext4_initxattrs() 2018-05-10 11:52:14 -04:00
xattr_trusted.c
xattr_user.c
xattr.c ext4: drop ext4_kvmalloc() 2020-01-17 16:24:55 -05:00
xattr.h ext4: add extra checks to ext4_xattr_block_get() 2018-03-30 20:04:11 -04:00